jschauma, 1 month ago Here's a thorough analysis of all the commits by "Jia Tan" from 2023-08 through 2024-03, showing the many legitimate code changes done before the introduction of the #xz #backdoor: https://tukaani.org/xz-backdoor/review.html
Here's a thorough analysis of all the commits by "Jia Tan" from 2023-08 through 2024-03, showing the many legitimate code changes done before the introduction of the #xz #backdoor:
https://tukaani.org/xz-backdoor/review.html
jschauma, 1 month ago Excellent summary by Solar Designer on oss-security of what's happened in the last two weeks in response to the #xz #backdoor: https://www.openwall.com/lists/oss-security/2024/04/16/5 Noteworthy: #OpenSSH implemented systemd notification #systemd moves to dlopen(3) for some dependencies another detailed timeline at https://research.swtch.com/xz-timeline similar social engineering takeover attempts suspected in #OpenJS and #OpenSSF
Excellent summary by Solar Designer on oss-security of what's happened in the last two weeks in response to the #xz #backdoor:
https://www.openwall.com/lists/oss-security/2024/04/16/5
Noteworthy:
Viss, 1 month ago @jschauma wild!
@jschauma wild!
Add comment