On 2024-04-03 19:15, David Cook via Koha-devel wrote:
Hi all,
This isn’t related to Koha per se, but I thought I’d share it for anyone
who hasn’t seen it: https://en.wikipedia.org/wiki/XZ_Utils_backdoor
<https://en.wikipedia.org/wiki/XZ_Utils_backdoor>
All the more reason to have things like Kohacon so that we actually know
each other…
Thanks David. For those using Debian: "Right now no Debian stable
versions are known to be affected. Compromised packages were part of the
Debian testing, unstable and experimental distributions"
<https://lists.debian.org/debian-security-announce/2024/msg00057.html>
and Ubuntu: "The affected version of xz-utils was only in
noble-proposed, and was removed before migrating to noble itself. No
released versions of Ubuntu were affected by this issue."
<https://ubuntu.com/security/CVE-2024-3094>
Now back to my trusty old Koha 3.8.24, current server up-time 1,410 days ;=}
Paul
David Cook
Senior Software Engineer
Prosentient Systems
Suite 7.03
6a Glen St
Milsons Point NSW 2061
Australia
Office: 02 9212 0899
Online: 02 8005 0595
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website : https://www.koha-community.org/
git : https://git.koha-community.org/
bugs : https://bugs.koha-community.org/
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website : https://www.koha-community.org/
git : https://git.koha-community.org/
bugs : https://bugs.koha-community.org/
