Email or username:

Password:

Forgot your password?
Top-level
Jan Wildeboer 😷:krulorange:

For the impact on #Fedora, please follow the developing story at fedoramagazine.org/cve-2024-30 - That's the transparency and openness I am talking about.

2 comments
Jan Wildeboer 😷:krulorange:

This #xz backdoor is tracked as CVE-2024-3094 and this CVE was opened by #RedHat. You can find our data on this at access.redhat.com/security/cve If you search for "CVE-2024-3094" with the search engine of your choice you will find a growing list of references (and clickbait stories) of which nvd.nist.gov/vuln/detail/CVE-2 is a bit more relevant as it contains a long list of links to more news and background. The thread that started it all is at openwall.com/lists/oss-securit

This #xz backdoor is tracked as CVE-2024-3094 and this CVE was opened by #RedHat. You can find our data on this at access.redhat.com/security/cve If you search for "CVE-2024-3094" with the search engine of your choice you will find a growing list of references (and clickbait stories) of which nvd.nist.gov/vuln/detail/CVE-2 is a bit more relevant as it contains a long list of links to more news and background. The thread that started it all is at

Jan Wildeboer 😷:krulorange:

I will let this tread rest for a while, as IMHO (In My Humble Opinion) everything we know ATM (At This Moment) is documented in the links I provided and besides making sure our machines have been updated (more precise: downgraded the xz package) there is not much we can do. I will NOT participate in speculations and potentially harmful spreading of rumours. And now I will be taking care of other things on this beautiful day. Thank you all for taking your time to read and comment!

Go Up