Steve BellovinMar 29, 2024
If you use Homebrew on MacOS, you're affected—do 'brew update' and 'brew upgrade’.
https://infosec.exchange/@wdormann/112179988525798247
Will Dormann (@[email protected])

Just a backdoor in XZ. Nothing important. https://www.openwall.com/lists/oss-security/2024/03/29/4

Infosec Exchange
Show threadOzzie D, NP-hard  Mar 29, 2024

@SteveBellovin The openwall post describing the xz backdoor (https://www.openwall.com/lists/oss-security/2024/03/29/4) says it decides to modify the the build process to inject the code, with conditions including:

  • targeting only x86-64 linux
  • running as part of a debian or RPM package build
oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise

Show threadEashwar

@ozdreaming This was my understanding as well.
- Linux
- x86_64
- Compiled with GCC/GNU LD (IIRC all the homebrew stuff uses Clang?)
- Implied Glibc (due to IFUNC usage)
- Built from tarballs for deb or RPM

But I suppose it doesn't hurt to just avoid using code with potential backdoors in it 🙂

Mar 29, 2024 at 7:11pmWeb