commit: e12c7ce6dab9f016b3efdd0a774793865c486b8c Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Fri Mar 29 16:14:28 2024 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Fri Mar 29 16:14:53 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e12c7ce6
profiles: add references to xz-utils mask See https://www.openwall.com/lists/oss-security/2024/03/29/4. Bug: https://bugs.gentoo.org/928134 Signed-off-by: Sam James <sam <AT> gentoo.org> profiles/package.mask | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/profiles/package.mask b/profiles/package.mask index 9c0a936af421..7abcf6cc3031 100644 --- a/profiles/package.mask +++ b/profiles/package.mask @@ -34,7 +34,9 @@ #--- END OF EXAMPLES --- # Sam James <[email protected]> (2024-03-28) -# Serious bug which is being investigated. Please downgrade ASAP. +# Backdoor discovered in release tarballs. DOWNGRADE NOW. +# https://www.openwall.com/lists/oss-security/2024/03/29/4 +# https://bugs.gentoo.org/928134 >=app-arch/xz-utils-5.6.0 # Michał Górny <[email protected]> (2024-03-26)
