jwildeboer, 2 months ago (edited 1 month ago) This #xz backdoor is tracked as CVE-2024-3094 and this CVE was opened by #RedHat. You can find our data on this at https://access.redhat.com/security/cve/CVE-2024-3094 If you search for "CVE-2024-3094" with the search engine of your choice you will find a growing list of references (and clickbait stories) of which https://nvd.nist.gov/vuln/detail/CVE-2024-3094 is a bit more relevant as it contains a long list of links to more news and background. The thread that started it all is at https://www.openwall.com/lists/oss-security/2024/03/29/4 The FAQ is at https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
This #xz backdoor is tracked as CVE-2024-3094 and this CVE was opened by #RedHat. You can find our data on this at https://access.redhat.com/security/cve/CVE-2024-3094 If you search for "CVE-2024-3094" with the search engine of your choice you will find a growing list of references (and clickbait stories) of which https://nvd.nist.gov/vuln/detail/CVE-2024-3094 is a bit more relevant as it contains a long list of links to more news and background. The thread that started it all is at https://www.openwall.com/lists/oss-security/2024/03/29/4
The FAQ is at https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27