If you use Homebrew on macOS, you're affected—do 'brew update' and 'brew upgrade'.
https://infosec.exchange/@wdormann/112179988525798247
Will Dormann (@wdormann@infosec.exchange)

Just a backdoor in XZ. Nothing important. https://www.openwall.com/lists/oss-security/2024/03/29/4

@SteveBellovin

xz --version

to see if you have 5.6.0 or 5.6.1 installed

brew deps --tree --installed

.. to show who uses it, what you have to remove to get rid of it. In my case, it was:

brew remove curl
brew remove zstd

and then

brew uninstall --force xz

Clemens (chaos.social)

@cy @3f @isotopp the exploit didn't target macOS, so while Homebrew and MacPorts did roll back, they were not affected by the discovered backdoor.

@neverpanic @seachanged At this point, I frankly don’t trust any version of xz from after this guy became the maintainer…