On 2024-03-31, Daniel65 <
daniel47@nomail.afraid.org> wrote:
David W. Hodgins wrote on 31/3/24 3:25 am:
https://tukaani.org/xz-backdoor/
The xz version with the backdoor never made it into Mageia. Even
cauldron still has version 5.4.6.
The backdoor was inserted into the 5.6.0 and 5.6.1 releases.
Regards, Dave Hodgins
Hmmm! How fortunate for you to post this, David.
I was just reading some of the posts on my Win7 NG and someone there had posted that Linux was now susceptible to Virus' so I was going to ask,
here, if this WAS the case or was this just an example of Windows users griping!!
Sure, Virii and 'back-doors' are not the same thing .... but still we
have to be careful, it seems.
Yes, they are definitely different. One i putting a deliberate bug into
the OS by infiltrating the OS team, the other is taking advantage of
bugs that got put in unintentionally. Linux has always been susceptible
to the former, Windows to the latter. But you also notice that this bug
was discovered and (hopefully) defanged by the "many eyes" phenomena--
you open the code to may eyes and one of them, by accident or design,
will notice the problem early.
And it is, we have to be observant, and willing to investigate when
something looks fishy.Being carefull is useless in this case. There is
nothing that a user could have done to make themselves safe from this
bug.
--- MBSE BBS v1.0.8.6 (Linux-x86_64)
* Origin: A noiseless patient Spider (2:250/1@fidonet)