LibsEatPoop [any]@hexbear.net to technology@hexbear.netEnglish · edit-28 months agoAll Linux users, check your XZ library. You might be infected.www.cyberkendra.comexternal-linkmessage-square30fedilinkarrow-up179arrow-down10file-text
arrow-up179arrow-down1external-linkAll Linux users, check your XZ library. You might be infected.www.cyberkendra.comLibsEatPoop [any]@hexbear.net to technology@hexbear.netEnglish · edit-28 months agomessage-square30fedilinkfile-text
minus-squareFaresh@lemmy.mllinkfedilinkEnglisharrow-up23·8 months agoDo not run xz --version. Instead check the version in your package manager.
minus-squareheyfrancis@lemmy.mllinkfedilinkEnglisharrow-up14·edit-28 months agodebian/ubuntu based distros: apt show xz-utils or dpkg -l | grep xz redhat/fedora-based: yum info xz dnf info xz arch-based: pacman -Qi xz EDIT: correction as suggested below
minus-squarepoweruser@lemmy.sdf.orglinkfedilinkEnglisharrow-up3·8 months agoOn my machine the package name is slightly different: apt show xz-utils
minus-squarebuckykat [none/use name]@hexbear.netlinkfedilinkEnglisharrow-up2·8 months ago5.4.1, my habit of putting off updates pays off again
minus-squareLibsEatPoop [any]@hexbear.netOPlinkfedilinkEnglisharrow-up6·8 months agoWhy is that? I know the latter gives you more info, but it’s still the same thing isn’t it?
minus-squareFaresh@lemmy.mllinkfedilinkEnglisharrow-up20·8 months agoBecause you are running the affected software. It’s a bad idea to run something if we are aware that it contains or relies on malicious code.
minus-squareLibsEatPoop [any]@hexbear.netOPlinkfedilinkEnglisharrow-up15·8 months agoOmg obviously. Can’t believe I didn’t realize that. Thanks for the answer.
Do not run
xz --version
. Instead check the version in your package manager.debian/ubuntu based distros: apt show xz-utils or dpkg -l | grep xz redhat/fedora-based: yum info xz dnf info xz arch-based: pacman -Qi xz
EDIT: correction as suggested below
On my machine the package name is slightly different:
apt show xz-utils
5.4.1, my habit of putting off updates pays off again
Why is that? I know the latter gives you more info, but it’s still the same thing isn’t it?
Because you are running the affected software. It’s a bad idea to run something if we are aware that it contains or relies on malicious code.
Omg obviously. Can’t believe I didn’t realize that. Thanks for the answer.