[sage-release] Re: xz/liblzma has been compromised
FWIW, Debian's security has reverted to 5.4.1 on Mar 28. Many thanks for the lookup ! Le vendredi 29 mars 2024 à 20:18:20 UTC+1, Dima Pasechnik a écrit : > https://www.openwall.com/lists/oss-security/2024/03/29/4 > > if your have xz 5.6.0 or 5.6.1 installed (e.g. Debian testing/unstable) > you have a backdoored xz. > -- You received this message because you are subscribed to the Google Groups "sage-release" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-release+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-release/ceece4a2-5350-48fb-bafc-2df7c244fc5cn%40googlegroups.com.
[sage-release] Re: xz/liblzma has been compromised
Thanks! -- You received this message because you are subscribed to the Google Groups "sage-release" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-release+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-release/276e3933-d580-4d1a-b243-2c5a27e90943n%40googlegroups.com.
[sage-release] Re: xz/liblzma has been compromised
and Homebrew. Please upgrade your Homebrew. It should do a downgrade: `brew upgrade` now "upgrades" xz from 5.6.1 -> 5.4.6 On Fri, Mar 29, 2024 at 7:36 PM Dima Pasechnik wrote: > > aand Conda: https://anaconda.org/anaconda/xz shows version 5.6.1 > > On Fri, Mar 29, 2024 at 7:18 PM Dima Pasechnik wrote: > > > > https://www.openwall.com/lists/oss-security/2024/03/29/4 > > > > if your have xz 5.6.0 or 5.6.1 installed (e.g. Debian testing/unstable) > > you have a backdoored xz. -- You received this message because you are subscribed to the Google Groups "sage-release" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-release+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-release/CAAWYfq3%3DOQprCMf%3Dv2ubAoZVhFEHBSjf52LT9XHAR8nRiOR3GA%40mail.gmail.com.
[sage-release] Re: xz/liblzma has been compromised
aand Conda: https://anaconda.org/anaconda/xz shows version 5.6.1 On Fri, Mar 29, 2024 at 7:18 PM Dima Pasechnik wrote: > > https://www.openwall.com/lists/oss-security/2024/03/29/4 > > if your have xz 5.6.0 or 5.6.1 installed (e.g. Debian testing/unstable) > you have a backdoored xz. -- You received this message because you are subscribed to the Google Groups "sage-release" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-release+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-release/CAAWYfq3TfwUtW%2B4ZV0GMr4egCUsrgjHTrTtzuVeKi5ARj4tuUA%40mail.gmail.com.
