Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > linux.debian.project > #14028 > unrolled thread

about XZ backdoor

Started by"William Richards #SaveOurInternet" <corpseleague@gmail.com>
First post2025-11-21 19:10 +0100
Last post2025-11-23 21:20 +0100
Articles 5 — 3 participants

Back to article view | Back to linux.debian.project


Contents

  about XZ backdoor "William Richards #SaveOurInternet" <corpseleague@gmail.com> - 2025-11-21 19:10 +0100
    Re: about XZ backdoor <tomas@tuxteam.de> - 2025-11-21 23:30 +0100
      Re: about XZ backdoor Richard Lewis <richard.lewis.debian@googlemail.com> - 2025-11-23 19:10 +0100
        Re: about XZ backdoor <tomas@tuxteam.de> - 2025-11-23 19:20 +0100
          Re: about XZ backdoor Richard Lewis <richard.lewis.debian@googlemail.com> - 2025-11-23 21:20 +0100

#14028 — about XZ backdoor

From"William Richards #SaveOurInternet" <corpseleague@gmail.com>
Date2025-11-21 19:10 +0100
Subjectabout XZ backdoor
Message-ID<LTDK1-eGHo-1@gated-at.bofh.it>

[Multipart message — attachments visible in raw view] — view raw

Would the backdoor have affected any Debian Linux web servers or cloud
environments?
Also how bad is the actual backdoor? Does the backdoor activate on your
system while you’re writing it to be a part of the binary of another
program? Also with targeting x86-64 does it just mean Linux computers that
use x86-64?

- 1 million top web servers use Linux
- Linux powers most of Global Cloud Environment
- 500 supercomputers use Linux
- Android is based off Linux

[toc] | [next] | [standalone]


#14029

From<tomas@tuxteam.de>
Date2025-11-21 23:30 +0100
Message-ID<LTHND-eJgv-3@gated-at.bofh.it>
In reply to#14028

[Multipart message — attachments visible in raw view] — view raw

On Fri, Nov 21, 2025 at 11:22:15AM +0000, William Richards #SaveOurInternet wrote:
> Would the backdoor have affected any Debian Linux web servers or cloud
> environments?
> Also how bad is the actual backdoor? Does the backdoor activate on your
> system while you’re writing it to be a part of the binary of another
> program? Also with targeting x86-64 does it just mean Linux computers that
> use x86-64?
> 
> - 1 million top web servers use Linux
> - Linux powers most of Global Cloud Environment
> - 500 supercomputers use Linux
> - Android is based off Linux

Actually, if you do you homework, you can find out for yourself. Start
here:

  https://en.wikipedia.org/wiki/Xz_backdoor

and follow the relevant links.

Cheers
-- 
t

[toc] | [prev] | [next] | [standalone]


#14030

FromRichard Lewis <richard.lewis.debian@googlemail.com>
Date2025-11-23 19:10 +0100
Message-ID<LUmH7-fcLt-45@gated-at.bofh.it>
In reply to#14029
<tomas@tuxteam.de> writes:

> On Fri, Nov 21, 2025 at 11:22:15AM +0000, William Richards #SaveOurInternet wrote:
>> Would the backdoor have affected any Debian Linux web servers or cloud
>> environments?
>> Also how bad is the actual backdoor? Does the backdoor activate on your
>> system while you’re writing it to be a part of the binary of another
>> program? Also with targeting x86-64 does it just mean Linux computers that
>> use x86-64?
>> 
>> - 1 million top web servers use Linux
>> - Linux powers most of Global Cloud Environment
>> - 500 supercomputers use Linux
>> - Android is based off Linux
>
> Actually, if you do you homework, you can find out for yourself. Start
> here:
>
>   https://en.wikipedia.org/wiki/Xz_backdoor

Is there also a write-up of Debian's response and/or learning from this incident?

[toc] | [prev] | [next] | [standalone]


#14031

From<tomas@tuxteam.de>
Date2025-11-23 19:20 +0100
Message-ID<LUmQN-fcQi-5@gated-at.bofh.it>
In reply to#14030

[Multipart message — attachments visible in raw view] — view raw

On Sun, Nov 23, 2025 at 05:33:01PM +0000, Richard Lewis wrote:
> <tomas@tuxteam.de> writes:

[...]

> > Actually, if you do you homework, you can find out for yourself. Start
> > here:
> >
> >   https://en.wikipedia.org/wiki/Xz_backdoor
> 
> Is there also a write-up of Debian's response and/or learning from this incident?

Follow link #21 in the above reference.

Cheers
-- 
t

[toc] | [prev] | [next] | [standalone]


#14032

FromRichard Lewis <richard.lewis.debian@googlemail.com>
Date2025-11-23 21:20 +0100
Message-ID<LUoIV-fecY-3@gated-at.bofh.it>
In reply to#14031
<tomas@tuxteam.de> writes:

> On Sun, Nov 23, 2025 at 05:33:01PM +0000, Richard Lewis wrote:

>> >   https://en.wikipedia.org/wiki/Xz_backdoor
>> 
>> Is there also a write-up of Debian's response and/or learning from this incident?
>
> Follow link #21 in the above reference.

well that is about fixing the specific cve, but that's not really the
same as a write-up of the overall response, which involved lots of
people doing lots of things

[toc] | [prev] | [standalone]


Back to top | Article view | linux.debian.project


csiph-web