Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > linux.debian.project > #14032

Re: about XZ backdoor

From Richard Lewis <richard.lewis.debian@googlemail.com>
Newsgroups linux.debian.project
Subject Re: about XZ backdoor
Date 2025-11-23 21:20 +0100
Message-ID <LUoIV-fecY-3@gated-at.bofh.it> (permalink)
References <LTDK1-eGHo-1@gated-at.bofh.it> <LTHND-eJgv-3@gated-at.bofh.it> <LUmH7-fcLt-45@gated-at.bofh.it> <LUmQN-fcQi-5@gated-at.bofh.it>
Organization linux.* mail to news gateway

Show all headers | View raw


<tomas@tuxteam.de> writes:

> On Sun, Nov 23, 2025 at 05:33:01PM +0000, Richard Lewis wrote:

>> >   https://en.wikipedia.org/wiki/Xz_backdoor
>> 
>> Is there also a write-up of Debian's response and/or learning from this incident?
>
> Follow link #21 in the above reference.

well that is about fixing the specific cve, but that's not really the
same as a write-up of the overall response, which involved lots of
people doing lots of things

Back to linux.debian.project | Previous | NextPrevious in thread | Find similar | Unroll thread


Thread

about XZ backdoor "William Richards #SaveOurInternet" <corpseleague@gmail.com> - 2025-11-21 19:10 +0100
  Re: about XZ backdoor <tomas@tuxteam.de> - 2025-11-21 23:30 +0100
    Re: about XZ backdoor Richard Lewis <richard.lewis.debian@googlemail.com> - 2025-11-23 19:10 +0100
      Re: about XZ backdoor <tomas@tuxteam.de> - 2025-11-23 19:20 +0100
        Re: about XZ backdoor Richard Lewis <richard.lewis.debian@googlemail.com> - 2025-11-23 21:20 +0100

csiph-web