RetroBBS - comp.os.linux.advocacy - Re: Check If Your Distro Is Vulnerable To XZ Backdoor

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uug1ma$30ifd$2@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13133&group=comp.os.linux.advocacy#13133

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ldo@nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Tue, 2 Apr 2024 04:31:07 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 11
Message-ID: <uug1ma$30ifd$2@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uuf0er$o69$6@solani.org> <uuf0sp$o69$7@solani.org>
<uuf17d$o69$8@solani.org> <uuf1vv$2lse9$1@dont-email.me>
<uuf23m$o69$10@solani.org> <uuf35f$2m58i$1@dont-email.me>
<uuf510$tfl$1@solani.org> <uufap2$2nu6h$1@dont-email.me>
<uuflm4$2q81c$5@dont-email.me> <uufvc8$1c3e$1@solani.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 02 Apr 2024 04:31:07 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="6bac8e0fd82579f167fcd77dc15169c7";
logging-data="3164653"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+jwldLb8WSVns5IBe8sZSr"
User-Agent: Pan/0.155 (Kherson; fc5a80b8)
Cancel-Lock: sha1:6ahwJHzO6NbTDiIatsRaGjeHtBI=

by: Lawrence D'Oliv - Tue, 2 Apr 2024 04:31 UTC

On Mon, 1 Apr 2024 22:51:36 -0500, Physfitfreak wrote:

> On 4/1/24 20:06, Lawrence D'Oliveiro wrote:
>
>> dpkg-query -S /usr/sbin/sshd
>
>
> I already directly deleted it.

Don’t do that. It leaves your system’s installed packages in an
inconsistent state.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<l71jrbFj76rU3@mid.individual.net>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13134&group=comp.os.linux.advocacy#13134

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!usenet.network!news.neodome.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: 2 Apr 2024 05:36:43 GMT
Lines: 10
Message-ID: <l71jrbFj76rU3@mid.individual.net>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net GZqmGic6dP1h/MWYp4AkWg0gKAJSZqscvjndfOu0k29B7SJOk4
Cancel-Lock: sha1:amcQyBCUzH8q9zUdXIjgN47MVxw= sha256:WAFACTOgFUQxxL8mguZo1QLXRVn4x/X7SCOQjR8rz5g=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)

by: rbowman - Tue, 2 Apr 2024 05:36 UTC

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<l71k47Fj76rU4@mid.individual.net>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13135&group=comp.os.linux.advocacy#13135

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: 2 Apr 2024 05:41:28 GMT
Lines: 8
Message-ID: <l71k47Fj76rU4@mid.individual.net>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uuf0er$o69$6@solani.org> <uuf1d8$2lo4r$1@dont-email.me>
<uuf21o$o69$9@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net 4xG5TPtcN0YrunzGCVXIiAZqmUyGKJg+WpZN2ak5nkpVIcowBB
Cancel-Lock: sha1:pl8pfDYQWF/7lEW7wVwlfrXDB6w= sha256:MP3WOdKnPG4FTclypEGKC3QYnNQ8KuNgDYQkhIb7aQs=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)

by: rbowman - Tue, 2 Apr 2024 05:41 UTC

On Mon, 1 Apr 2024 14:31:04 -0500, Physfitfreak wrote:

> Does one need to have sshd on the system?

No and it isn't included by default on many distros. They attempt to
protect the naive user by not even making it available. It is not on my
Ubuntu box and I installed it on the Fedora box so I could transfer files
with sftp.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13152&group=comp.os.linux.advocacy#13152

copy link Newsgroups: comp.os.linux.advocacy

From: ff@linux.rocks (Farley Flud)
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Newsgroups: comp.os.linux.advocacy
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com> <uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me> <uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me> <uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me> <uuf0er$o69$6@solani.org> <uuf0sp$o69$7@solani.org> <uuf17d$o69$8@solani.org> <uuf1vv$2lse9$1@dont-email.me> <uuflke$2q81c$4@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Lines: 31
Path: i2pn2.org!i2pn.org!news.samoylyk.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr2.iad1.usenetexpress.com!news.usenetexpress.com!not-for-mail
Date: Tue, 02 Apr 2024 10:45:41 +0000
Nntp-Posting-Date: Tue, 02 Apr 2024 10:45:41 +0000
X-Received-Bytes: 1690
Organization: UsenetExpress - www.usenetexpress.com
X-Complaints-To: abuse@usenetexpress.com
Message-Id: <17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>

by: Farley Flud - Tue, 2 Apr 2024 10:45 UTC

On Tue, 2 Apr 2024 01:05:18 -0000 (UTC), Lawrence D'Oliveiro wrote:

>
>> Unless you need to remote into your computer, sshd isnt /neccesary/.
>
> I do that all the time. It’s a handy way to mirror things between, say, my
> main workstation and my laptop, via rsync.
>

Ha, ha, ha, ha, ha, ha, ha, ha, ha! What a clown!

Only a total idiot would use an encrypted link to transfer
data between machines located 20 feet apart (or less) and
both of which are presumably under his control.

Do you see bogey men hiding under your sofa?

Rsync by itself is quite sufficient.

In fact, on my local network, I use GNU inetutils to
perform actions that are all in the clear, i.e. no
encryption.

That's because I do not hallucinate bogey men.

Note that GNU inetutils is no longer offered by most
distros. You obviously have a lot of paranoiac
brethren.

Ha, ha, ha, ha, ha, ha, ha, ha, ha!

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uugt4d$36oe5$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13153&group=comp.os.linux.advocacy#13153

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!rocksolid2!news.neodome.net!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: OFeem1987@teleworm.us (Chris Ahlstrom)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Tue, 2 Apr 2024 08:19:25 -0400
Organization: None
Lines: 45
Message-ID: <uugt4d$36oe5$1@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uuf0er$o69$6@solani.org> <uuf0sp$o69$7@solani.org>
<uuf17d$o69$8@solani.org> <uuf1vv$2lse9$1@dont-email.me>
<uuflke$2q81c$4@dont-email.me>
<17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>
Reply-To: OFeem1987@teleworm.us
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 02 Apr 2024 12:19:25 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="88e26563ce9d41076278c0a45fe2b11e";
logging-data="3367365"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+xMVCpENWwyEHQf0N2L6Qn"
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:pyibFDRB0FN6LowbM55LFx5X0H8=
X-Mutt: The most widely-used MUA
X-User-Agent: Microsoft Outl00k, Usenet K00k Editions
X-Slrn: Why use anything else?

by: Chris Ahlstrom - Tue, 2 Apr 2024 12:19 UTC

Farley Flud wrote this copyrighted missive and expects royalties:

> On Tue, 2 Apr 2024 01:05:18 -0000 (UTC), Lawrence D'Oliveiro wrote:
>
>>
>>> Unless you need to remote into your computer, sshd isnt /neccesary/.
>>
>> I do that all the time. It’s a handy way to mirror things between, say, my
>> main workstation and my laptop, via rsync.
>
> Ha, ha, ha, ha, ha, ha, ha, ha, ha! What a clown!
>
> Only a total idiot would use an encrypted link to transfer
> data between machines located 20 feet apart (or less) and
> both of which are presumably under his control.
>
> Do you see bogey men hiding under your sofa?
>
> Rsync by itself is quite sufficient.
>
> In fact, on my local network, I use GNU inetutils to
> perform actions that are all in the clear, i.e. no
> encryption.
>
> That's because I do not hallucinate bogey men.
>
> Note that GNU inetutils is no longer offered by most
> distros. You obviously have a lot of paranoiac
> brethren.
>
> Ha, ha, ha, ha, ha, ha, ha, ha, ha!

Ha, ha, ha, ha, ha, ha, ha, ha, ha!
Ha, ha, ha, ha, ha, ha, ha, ha, ha!
Ha, ha, ha, ha, ha, ha, ha, ha, ha!
Ha, ha, ha, ha, ha, ha, ha, ha, ha!
Ha, ha, ha, ha, ha, ha, ha, ha, ha!

Hope you're not on wireless, umbdass.

Oh, I also suspect your "backdoor" is vulnerable :-D

--
He that is giddy thinks the world turns round.
-- William Shakespeare, "The Taming of the Shrew"

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuh7na$39e6r$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13160&group=comp.os.linux.advocacy#13160

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!usenet.network!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: candycanearter07@candycanearter07.nomail.afraid (candycanearter07)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Tue, 2 Apr 2024 15:20:10 -0000 (UTC)
Organization: the-candyden-of-code
Lines: 12
Message-ID: <uuh7na$39e6r$1@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uufl9v$2q81c$2@dont-email.me>
Injection-Date: Tue, 02 Apr 2024 15:20:10 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="1b7679fc2773f20ec5b2192d045298ef";
logging-data="3455195"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/CCRqpL3j+pwaZBdTvqnZxUlOQ/880XTraHWVRqhWrUA=="
User-Agent: slrn/pre1.0.4-9 (Linux)
Cancel-Lock: sha1:5jmqTD35GXNi0EXbwf2LJV2EI/4=
X-Face: b{dPmN&%4|lEo,wUO\"KLEOu5N_br(N2Yuc5/qcR5i>9-!^e\.Tw9?/m0}/~:UOM:Zf]%
b+ V4R8q|QiU/R8\|G\WpC`-s?=)\fbtNc&=/a3a)r7xbRI]Vl)r<%PTriJ3pGpl_/B6!8pe\btzx
`~R! r3.0#lHRE+^Gro0[cjsban'vZ#j7,?I/tHk{s=TFJ:H?~=]`O*~3ZX`qik`b:.gVIc-[$t/e
ZrQsWJ >|l^I_[pbsIqwoz.WGA]<D

by: candycanearter07 - Tue, 2 Apr 2024 15:20 UTC

Lawrence D'Oliveiro <ldo@nz.invalid> wrote at 00:59 this Tuesday (GMT):
> On Mon, 1 Apr 2024 19:00:08 -0000 (UTC), candycanearter07 wrote:
>
>> Weird, probably means it's not installed..
>
> Just a note: it typically resides in /usr/sbin/ssh. While /usr/sbin is
> usually part of the $PATH for root, it is not for a nonprivileged user.

Weird, it's in the PATH for my acct.
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuh7na$39e6r$2@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13161&group=comp.os.linux.advocacy#13161

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!usenet.network!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: candycanearter07@candycanearter07.nomail.afraid (candycanearter07)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Tue, 2 Apr 2024 15:20:11 -0000 (UTC)
Organization: the-candyden-of-code
Lines: 13
Message-ID: <uuh7na$39e6r$2@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uuf0er$o69$6@solani.org> <uuf0sp$o69$7@solani.org>
<uuf17d$o69$8@solani.org> <uuf1vv$2lse9$1@dont-email.me>
<uuf23m$o69$10@solani.org> <uuf35f$2m58i$1@dont-email.me>
<uuf510$tfl$1@solani.org> <uufap2$2nu6h$1@dont-email.me>
<uuflm4$2q81c$5@dont-email.me>
Injection-Date: Tue, 02 Apr 2024 15:20:11 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="1b7679fc2773f20ec5b2192d045298ef";
logging-data="3455195"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+uJN5sUQhPmMHDLGnYDnxCfGukZNcqrpAV9HtNKeqPzQ=="
User-Agent: slrn/pre1.0.4-9 (Linux)
Cancel-Lock: sha1:dxl8tyeNe0hqZed9Rpi4vdGk6+0=
X-Face: b{dPmN&%4|lEo,wUO\"KLEOu5N_br(N2Yuc5/qcR5i>9-!^e\.Tw9?/m0}/~:UOM:Zf]%
b+ V4R8q|QiU/R8\|G\WpC`-s?=)\fbtNc&=/a3a)r7xbRI]Vl)r<%PTriJ3pGpl_/B6!8pe\btzx
`~R! r3.0#lHRE+^Gro0[cjsban'vZ#j7,?I/tHk{s=TFJ:H?~=]`O*~3ZX`qik`b:.gVIc-[$t/e
ZrQsWJ >|l^I_[pbsIqwoz.WGA]<D

by: candycanearter07 - Tue, 2 Apr 2024 15:20 UTC

Lawrence D'Oliveiro <ldo@nz.invalid> wrote at 01:06 this Tuesday (GMT):
> On Mon, 1 Apr 2024 22:00:03 -0000 (UTC), candycanearter07 wrote:
>
>> Weird. Maybe it's being supplied by another package?
>
> Check which one with a command like
>
> dpkg-query -S /usr/sbin/sshd

Ah, thanks. I only know how to do it on arch (pacman -Qo)
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13165&group=comp.os.linux.advocacy#13165

copy link Newsgroups: comp.os.linux.advocacy

From: ff@linux.rocks (Farley Flud)
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Newsgroups: comp.os.linux.advocacy
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com> <uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me> <uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me> <uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me> <uuf0er$o69$6@solani.org> <uuf0sp$o69$7@solani.org> <uuf17d$o69$8@solani.org> <uuf1vv$2lse9$1@dont-email.me> <uuflke$2q81c$4@dont-email.me> <17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com> <uugt4d$36oe5$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Lines: 12
Path: i2pn2.org!i2pn.org!newsfeed.bofh.team!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!feeder.usenetexpress.com!tr2.iad1.usenetexpress.com!news.usenetexpress.com!not-for-mail
Date: Tue, 02 Apr 2024 19:58:20 +0000
Nntp-Posting-Date: Tue, 02 Apr 2024 19:58:20 +0000
X-Received-Bytes: 1097
Organization: UsenetExpress - www.usenetexpress.com
X-Complaints-To: abuse@usenetexpress.com
Message-Id: <17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com>

by: Farley Flud - Tue, 2 Apr 2024 19:58 UTC

On Tue, 2 Apr 2024 08:19:25 -0400, Chris Ahlstrom wrote:

>
> Hope you're not on wireless, umbdass.
>

Wireless? No sane, rational human being would ever do anything
over wireless.

Wireless is for lazy ignoramuses.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uui0tr$3fb8j$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13168&group=comp.os.linux.advocacy#13168

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!news.samoylyk.net!newsfeed.xs3.de!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: cr0c0d1le.ewlkg@8shield.net (cr0c0d1le)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Tue, 2 Apr 2024 18:30:19 -0400
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <uui0tr$3fb8j$1@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uufl9v$2q81c$2@dont-email.me> <uuh7na$39e6r$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 02 Apr 2024 22:30:19 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="787ff289b89635e78f0bd63873e32381";
logging-data="3648787"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19pwgghETD6WatrQFAy0muUfiRaHCN0PDE="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:xKhcdnlkdZEgHzQGr3QreJRG0Sw=
Content-Language: en-US
In-Reply-To: <uuh7na$39e6r$1@dont-email.me>

by: cr0c0d1le - Tue, 2 Apr 2024 22:30 UTC

On 2024-04-02 11:20, candycanearter07 wrote:
> Lawrence D'Oliveiro <ldo@nz.invalid> wrote at 00:59 this Tuesday (GMT):
>> On Mon, 1 Apr 2024 19:00:08 -0000 (UTC), candycanearter07 wrote:
>>
>>> Weird, probably means it's not installed..
>>
>> Just a note: it typically resides in /usr/sbin/ssh. While /usr/sbin is
>> usually part of the $PATH for root, it is not for a nonprivileged user.
>
>
> Weird, it's in the PATH for my acct.
My version of xz installed via homebrew was vulnerable :S I thought the
vulnerability only affected Linux, but macOS is also affected by it.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uui83n$3gona$4@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13170&group=comp.os.linux.advocacy#13170

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ldo@nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Wed, 3 Apr 2024 00:32:56 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 8
Message-ID: <uui83n$3gona$4@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uufl9v$2q81c$2@dont-email.me> <uuh7na$39e6r$1@dont-email.me>
<uui0tr$3fb8j$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 03 Apr 2024 00:32:56 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="16e69d2ca1c4626c1f9269404c95150f";
logging-data="3695338"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/z41ooWfSkNDiGLyEluaYj"
User-Agent: Pan/0.155 (Kherson; fc5a80b8)
Cancel-Lock: sha1:g4gU2B/zBIeVhdTQtlbrL73+5Lw=

by: Lawrence D'Oliv - Wed, 3 Apr 2024 00:32 UTC

On Tue, 2 Apr 2024 18:30:19 -0400, cr0c0d1le wrote:

> My version of xz installed via homebrew was vulnerable :S I thought the
> vulnerability only affected Linux, but macOS is also affected by it.

The compromised version has been released on all platforms. But it may be
that there is no other package on macOS that (directly or indirectly)
depends on it, that is capable of triggering the backdoor.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uui9fo$2kuk$1@solani.org>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13172&group=comp.os.linux.advocacy#13172

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: physfitfreak@gmail.com (Physfitfreak)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Tue, 2 Apr 2024 19:56:24 -0500
Organization: Modern Human
Message-ID: <uui9fo$2kuk$1@solani.org>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 3 Apr 2024 00:56:24 -0000 (UTC)
Injection-Info: solani.org;
logging-data="86996"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:M7D9lIkVXTfSqre/EA9AC/f+rog=
In-Reply-To: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
X-User-ID: eJwFwYEBwCAIA7CXQGjFc5DZ/09YgqBzdhJMCHJGbU1Fodan5DrW672esslzdMPVRC7cRsjKt3VpkGzM+wE+hRU9
Content-Language: en-US

by: Physfitfreak - Wed, 3 Apr 2024 00:56 UTC

On 3/31/24 08:01, Farley Flud wrote:
> Run this command to check if liblzma is linked to ssh:
>
> ldd "$(command -v sshd)"
>
> For example, on Gentoo (the best distro) I get:
>
> linux-vdso.so.1 (0x00007ffff7fcb000)
> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>
> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
> regardless of what version of xz-utils is installed.
>
> Systemd is ultimately responsible and more and more hackers will be
> looking for more and better ways of exploiting that 3 million loc
> pile of junk.
>
> Don't say we didn't tell you so.
>
> To save your systems, downgrade xz-utils AND eliminate systemd.
>
>

What version of xz-utils is vulnerable?

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<l741amFtjbmU9@mid.individual.net>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13176&group=comp.os.linux.advocacy#13176

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: 3 Apr 2024 03:39:03 GMT
Lines: 9
Message-ID: <l741amFtjbmU9@mid.individual.net>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uuf0er$o69$6@solani.org> <uuf0sp$o69$7@solani.org>
<uuf17d$o69$8@solani.org> <uuf1vv$2lse9$1@dont-email.me>
<uuflke$2q81c$4@dont-email.me>
<17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>
<uugt4d$36oe5$1@dont-email.me>
<17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net kt3mEsfC1+Eld5OKFfPopgTUcecHukv7y6W02HIThltEG+MF7o
Cancel-Lock: sha1:twkigB8Y7qVUvA5ldI4bop5oqno= sha256:N66dPAf7LioxIQ+7dBtpvkl8opJJkptQdBNRdy5gbGE=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)

by: rbowman - Wed, 3 Apr 2024 03:39 UTC

On Tue, 02 Apr 2024 19:58:20 +0000, Farley Flud wrote:

> Wireless? No sane, rational human being would ever do anything over
> wireless.
>
> Wireless is for lazy ignoramuses.

When you don't have access to DSL, cable, or fiber optic and the raccoons
keep chewing on the copper POTS line you use wireless.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<26iq0jpejt6e3buv0vm5qjkgi8mnescjdm@4ax.com>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13191&group=comp.os.linux.advocacy#13191

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!news.neodome.net!npeer.as286.net!npeer-ng0.as286.net!peer02.ams1!peer.ams1.xlned.com!news.xlned.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx17.iad.POSTED!not-for-mail
From: chrisv@nospam.invalid (chrisv)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Message-ID: <26iq0jpejt6e3buv0vm5qjkgi8mnescjdm@4ax.com>
References: <uuehj4$2htpk$2@dont-email.me> <uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me> <uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me> <uuf0er$o69$6@solani.org> <uuf0sp$o69$7@solani.org> <uuf17d$o69$8@solani.org> <uuf1vv$2lse9$1@dont-email.me> <uuflke$2q81c$4@dont-email.me> <17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com> <uugt4d$36oe5$1@dont-email.me> <17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com> <l741amFtjbmU9@mid.individual.net>
X-Newsreader: Forte Agent 1.91/32.564
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Lines: 10
X-Complaints-To: abuse@fastusenet.org
NNTP-Posting-Date: Wed, 03 Apr 2024 12:21:48 UTC
Organization: fastusenet - www.fastusenet.org
Date: Wed, 03 Apr 2024 07:21:48 -0500
X-Received-Bytes: 1446

by: chrisv - Wed, 3 Apr 2024 12:21 UTC

rbowman wrote:

>When you don't have access to DSL, cable, or fiber optic and the raccoons
>keep chewing on the copper POTS line you use wireless.

Starlink!

--
Linux programmers who give their work away so companies like Redhat
can profit from it, are idiots. - Flathead

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uujpo9$3vqgf$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13194&group=comp.os.linux.advocacy#13194

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: candycanearter07@candycanearter07.nomail.afraid (candycanearter07)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Wed, 3 Apr 2024 14:40:09 -0000 (UTC)
Organization: the-candyden-of-code
Lines: 34
Message-ID: <uujpo9$3vqgf$1@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uui9fo$2kuk$1@solani.org>
Injection-Date: Wed, 03 Apr 2024 14:40:10 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="fca4c9a33a08cd1b7b52a816531dfcb1";
logging-data="4188687"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/TQ/Motigur00LMiqERud19rVj2EAqlDPJfEjurCjaNA=="
User-Agent: slrn/pre1.0.4-9 (Linux)
Cancel-Lock: sha1:xtSdJxpdb7zVCWnyKMf/5aNSro0=
X-Face: b{dPmN&%4|lEo,wUO\"KLEOu5N_br(N2Yuc5/qcR5i>9-!^e\.Tw9?/m0}/~:UOM:Zf]%
b+ V4R8q|QiU/R8\|G\WpC`-s?=)\fbtNc&=/a3a)r7xbRI]Vl)r<%PTriJ3pGpl_/B6!8pe\btzx
`~R! r3.0#lHRE+^Gro0[cjsban'vZ#j7,?I/tHk{s=TFJ:H?~=]`O*~3ZX`qik`b:.gVIc-[$t/e
ZrQsWJ >|l^I_[pbsIqwoz.WGA]<D

by: candycanearter07 - Wed, 3 Apr 2024 14:40 UTC

Physfitfreak <physfitfreak@gmail.com> wrote at 00:56 this Wednesday (GMT):
> On 3/31/24 08:01, Farley Flud wrote:
>> Run this command to check if liblzma is linked to ssh:
>>
>> ldd "$(command -v sshd)"
>>
>> For example, on Gentoo (the best distro) I get:
>>
>> linux-vdso.so.1 (0x00007ffff7fcb000)
>> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
>> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
>> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
>> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
>> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>>
>> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
>> regardless of what version of xz-utils is installed.
>>
>> Systemd is ultimately responsible and more and more hackers will be
>> looking for more and better ways of exploiting that 3 million loc
>> pile of junk.
>>
>> Don't say we didn't tell you so.
>>
>> To save your systems, downgrade xz-utils AND eliminate systemd.
>>
>>
>
> What version of xz-utils is vulnerable?

5.6.0 and 5.6.1
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uujvi7$395q$1@solani.org>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13198&group=comp.os.linux.advocacy#13198

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: physfitfreak@gmail.com (Physfitfreak)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Wed, 3 Apr 2024 11:19:19 -0500
Organization: Modern Human
Message-ID: <uujvi7$395q$1@solani.org>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uui9fo$2kuk$1@solani.org> <uujpo9$3vqgf$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 3 Apr 2024 16:19:19 -0000 (UTC)
Injection-Info: solani.org;
logging-data="107706"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:GLKBxfI6p8WprEWFIdTkMuRw6tc=
X-User-ID: eJwFwYcBA0EIA7CVaDbJOJRj/xFeglM5GQQDh1vw100vK2uXmBVBeT9mTEtwVcHDuyd6FLP7z0gxNXdMP1RMFWs=
Content-Language: en-US
In-Reply-To: <uujpo9$3vqgf$1@dont-email.me>

by: Physfitfreak - Wed, 3 Apr 2024 16:19 UTC

On 4/3/24 09:40, candycanearter07 wrote:
> Physfitfreak <physfitfreak@gmail.com> wrote at 00:56 this Wednesday (GMT):
>> On 3/31/24 08:01, Farley Flud wrote:
>>> Run this command to check if liblzma is linked to ssh:
>>>
>>> ldd "$(command -v sshd)"
>>>
>>> For example, on Gentoo (the best distro) I get:
>>>
>>> linux-vdso.so.1 (0x00007ffff7fcb000)
>>> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
>>> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
>>> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
>>> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
>>> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>>>
>>> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
>>> regardless of what version of xz-utils is installed.
>>>
>>> Systemd is ultimately responsible and more and more hackers will be
>>> looking for more and better ways of exploiting that 3 million loc
>>> pile of junk.
>>>
>>> Don't say we didn't tell you so.
>>>
>>> To save your systems, downgrade xz-utils AND eliminate systemd.
>>>
>>>
>>
>> What version of xz-utils is vulnerable?
>
>
> 5.6.0 and 5.6.1

Mine is 5.2.5-2ubuntu1 and as far as my Linux is concerned it doesn't
automatically require updating.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<l75sjnF74kuU10@mid.individual.net>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13210&group=comp.os.linux.advocacy#13210

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: 3 Apr 2024 20:30:47 GMT
Lines: 12
Message-ID: <l75sjnF74kuU10@mid.individual.net>
References: <uuehj4$2htpk$2@dont-email.me> <uues7i$o69$2@solani.org>
<uuev29$2l6ri$2@dont-email.me> <uuevej$o69$5@solani.org>
<uuf07o$2lfi5$1@dont-email.me> <uuf0er$o69$6@solani.org>
<uuf0sp$o69$7@solani.org> <uuf17d$o69$8@solani.org>
<uuf1vv$2lse9$1@dont-email.me> <uuflke$2q81c$4@dont-email.me>
<17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>
<uugt4d$36oe5$1@dont-email.me>
<17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com>
<l741amFtjbmU9@mid.individual.net>
<26iq0jpejt6e3buv0vm5qjkgi8mnescjdm@4ax.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net d3nHIE3gHCW0EYchyOd+rAx208K+VlywzhPVhf3IjvVnivz43f
Cancel-Lock: sha1:UvNlSj3WUBnED4g5gqp1kS4yFG4= sha256:/hlNewtarSAcUvUMWszP0a3ixV99W8a4+m17DFdzD9Q=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)

by: rbowman - Wed, 3 Apr 2024 20:30 UTC

On Wed, 03 Apr 2024 07:21:48 -0500, chrisv wrote:

> rbowman wrote:
>
>>When you don't have access to DSL, cable, or fiber optic and the
>>raccoons keep chewing on the copper POTS line you use wireless.
>
> Starlink!

I may look into it. The other satellite providers haven't had a stellar
record but I've read some promising reviews of Starlink.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<l75slgF74kuU11@mid.individual.net>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13211&group=comp.os.linux.advocacy#13211

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: 3 Apr 2024 20:31:44 GMT
Lines: 10
Message-ID: <l75slgF74kuU11@mid.individual.net>
References: <uuehj4$2htpk$2@dont-email.me> <uues7i$o69$2@solani.org>
<uuev29$2l6ri$2@dont-email.me> <uuevej$o69$5@solani.org>
<uuf07o$2lfi5$1@dont-email.me> <uuf0er$o69$6@solani.org>
<uuf0sp$o69$7@solani.org> <uuf17d$o69$8@solani.org>
<uuf1vv$2lse9$1@dont-email.me> <uuflke$2q81c$4@dont-email.me>
<17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>
<uugt4d$36oe5$1@dont-email.me>
<17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com>
<l741amFtjbmU9@mid.individual.net>
<26iq0jpejt6e3buv0vm5qjkgi8mnescjdm@4ax.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net /o2RTWgGQhY3LSx6FMYyjA/YcX0RwOExFJMiykEaR2H4/2toV2
Cancel-Lock: sha1:aWOhTJZ6k3ckVvjDMK+bTBCqR28= sha256:rxA7SOdBJb2I+3gsbOuXzrHbzK/BWD/IEQXAbWirQbc=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)

by: rbowman - Wed, 3 Apr 2024 20:31 UTC

On Wed, 03 Apr 2024 07:21:48 -0500, chrisv wrote:

> rbowman wrote:
>
>>When you don't have access to DSL, cable, or fiber optic and the
>>raccoons keep chewing on the copper POTS line you use wireless.
>
> Starlink!

btw, the last time I looked that was sorta wireless too :)

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uukli4$6eta$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13212&group=comp.os.linux.advocacy#13212

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: ldo@nz.invalid (Lawrence D'Oliveiro)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Wed, 3 Apr 2024 22:34:44 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 6
Message-ID: <uukli4$6eta$1@dont-email.me>
References: <uuehj4$2htpk$2@dont-email.me> <uues7i$o69$2@solani.org>
<uuev29$2l6ri$2@dont-email.me> <uuevej$o69$5@solani.org>
<uuf07o$2lfi5$1@dont-email.me> <uuf0er$o69$6@solani.org>
<uuf0sp$o69$7@solani.org> <uuf17d$o69$8@solani.org>
<uuf1vv$2lse9$1@dont-email.me> <uuflke$2q81c$4@dont-email.me>
<17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>
<uugt4d$36oe5$1@dont-email.me>
<17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com>
<l741amFtjbmU9@mid.individual.net>
<26iq0jpejt6e3buv0vm5qjkgi8mnescjdm@4ax.com>
<l75sjnF74kuU10@mid.individual.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 03 Apr 2024 22:34:45 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="65e60660af7cb8bb1a5c0eb384b8a9e7";
logging-data="211882"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18K3R+qCTCKfQ89So0GJBMb"
User-Agent: Pan/0.155 (Kherson; fc5a80b8)
Cancel-Lock: sha1:g1ISqFdqaP+fdayJyz/J27TFNoA=

by: Lawrence D'Oliv - Wed, 3 Apr 2024 22:34 UTC

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<l76dlfFammaU2@mid.individual.net>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13216&group=comp.os.linux.advocacy#13216

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: bowman@montana.com (rbowman)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: 4 Apr 2024 01:21:51 GMT
Lines: 12
Message-ID: <l76dlfFammaU2@mid.individual.net>
References: <uuehj4$2htpk$2@dont-email.me> <uues7i$o69$2@solani.org>
<uuev29$2l6ri$2@dont-email.me> <uuevej$o69$5@solani.org>
<uuf07o$2lfi5$1@dont-email.me> <uuf0er$o69$6@solani.org>
<uuf0sp$o69$7@solani.org> <uuf17d$o69$8@solani.org>
<uuf1vv$2lse9$1@dont-email.me> <uuflke$2q81c$4@dont-email.me>
<17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>
<uugt4d$36oe5$1@dont-email.me>
<17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com>
<l741amFtjbmU9@mid.individual.net>
<26iq0jpejt6e3buv0vm5qjkgi8mnescjdm@4ax.com>
<l75sjnF74kuU10@mid.individual.net> <uukli4$6eta$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net JZSx+kc64etMwVyHCBpbWAb+H0DzS38LdjFgKVHJSUf9nqVOki
Cancel-Lock: sha1:c6xLaURa1ijtwtUiH2v1YcYdjNY= sha256:jJ3vMyIMkjlh0ytA4RxV9H9eVACBQ6fa21zOW99h7Vs=
User-Agent: Pan/0.149 (Bellevue; 4c157ba)

by: rbowman - Thu, 4 Apr 2024 01:21 UTC

On Wed, 3 Apr 2024 22:34:44 -0000 (UTC), Lawrence D'Oliveiro wrote:

> On 3 Apr 2024 20:30:47 GMT, rbowman wrote:
>
>> The other satellite providers haven't had a stellar record but I've
>> read some promising reviews of Starlink.
>
> Stellar ... Starlink ... heh-heh.

I should dig into how Starlink works. Amateur operators were using LEO
satellites with a store and forward scheme since they only had about 15
minutes to hit the bird but they didn't have 6000 birds to hit.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<slrnv0u9dp.1i8f.SimonJ@silex.localdomain>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13225&group=comp.os.linux.advocacy#13225

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: SimonJ@eu.invalid (Simon)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Thu, 4 Apr 2024 22:12:09 -0000 (UTC)
Message-ID: <slrnv0u9dp.1i8f.SimonJ@silex.localdomain>
References: <uuehj4$2htpk$2@dont-email.me> <uues7i$o69$2@solani.org>
<uuev29$2l6ri$2@dont-email.me> <uuevej$o69$5@solani.org>
<uuf07o$2lfi5$1@dont-email.me> <uuf0er$o69$6@solani.org>
<uuf0sp$o69$7@solani.org> <uuf17d$o69$8@solani.org>
<uuf1vv$2lse9$1@dont-email.me> <uuflke$2q81c$4@dont-email.me>
<17c270b771c4afe1$96665$3081049$802601b3@news.usenetexpress.com>
<uugt4d$36oe5$1@dont-email.me>
<17c28edfdb6e35bd$51772$3384359$802601b3@news.usenetexpress.com>
<l741amFtjbmU9@mid.individual.net>
<26iq0jpejt6e3buv0vm5qjkgi8mnescjdm@4ax.com>
<l75sjnF74kuU10@mid.individual.net> <uukli4$6eta$1@dont-email.me>
Injection-Date: Thu, 4 Apr 2024 22:12:09 -0000 (UTC)
Injection-Info: solani.org;
logging-data="162994"; mail-complaints-to="abuse@news.solani.org"
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:pPktwEtBklzQvFP5WBmWU2WwWrA=
X-User-ID: eJwFwYEBgDAIA7CXBqUVzhko/59gQsg0T4gKLvezAWA9E8BstgrQKbvb761KxxHS+zjWyB8XJxBk

by: Simon - Thu, 4 Apr 2024 22:12 UTC

On 2024-04-03, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
> On 3 Apr 2024 20:30:47 GMT, rbowman wrote:
>
>> The other satellite providers haven't had a stellar
>> record but I've read some promising reviews of Starlink.
>
> Stellar ... Starlink ... heh-heh.

I thought I was weird as no-one said anything, I am glad I was not the
only one :-)
--
Simon

RLU: 222126

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<6611097c$0$11895$426a34cc@news.free.fr>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13284&group=comp.os.linux.advocacy#13284

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!proxad.net!feeder1-2.proxad.net!cleanfeed1-b.proxad.net!nnrp3-1.free.fr!not-for-mail
Newsgroups: comp.os.linux.advocacy
From: sc@fiat-linux.fr (Stéphane CARPENTIER)
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uuf0er$o69$6@solani.org> <uuf1d8$2lo4r$1@dont-email.me>
Organization: Mulots' Killer
User-Agent: slrn/pre1.0.4-9 (Linux)
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Date: 06 Apr 2024 08:36:12 GMT
Lines: 16
Message-ID: <6611097c$0$11895$426a34cc@news.free.fr>
NNTP-Posting-Date: 06 Apr 2024 10:36:12 CEST
NNTP-Posting-Host: 78.201.248.7
X-Trace: 1712392572 news-4.free.fr 11895 78.201.248.7:32822
X-Complaints-To: abuse@proxad.net

by: Stéphane CARPENTIER - Sat, 6 Apr 2024 08:36 UTC

Le 01-04-2024, candycanearter07 <candycanearter07@candycanearter07.nomail.afraid> a écrit :
> Physfitfreak <physfitfreak@gmail.com> wrote at 19:03 this Monday (GMT):
>>
>> I get the same result with command,
>>
>> which
>>
>> by itself. So it is something about the command, not sshd.
>
> huh. Maybe it's implemented as a shell command?

Run "type which" and you'll know, but honestly I doubt it.

--
Si vous avez du temps à perdre :
https://scarpet42.gitlab.io

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuub82$2r76b$1@dont-email.me>

copy mid

https://www.rocksolidbbs.com/computers/article-flat.php?id=13319&group=comp.os.linux.advocacy#13319

copy link Newsgroups: comp.os.linux.advocacy

Path: i2pn2.org!i2pn.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: candycanearter07@candycanearter07.nomail.afraid (candycanearter07)
Newsgroups: comp.os.linux.advocacy
Subject: Re: Check If Your Distro Is Vulnerable To XZ Backdoor
Date: Sun, 7 Apr 2024 14:40:02 -0000 (UTC)
Organization: the-candyden-of-code
Lines: 18
Message-ID: <uuub82$2r76b$1@dont-email.me>
References: <17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>
<uuc40a$22uoo$1@solani.org> <uuehj4$2htpk$2@dont-email.me>
<uues7i$o69$2@solani.org> <uuev29$2l6ri$2@dont-email.me>
<uuevej$o69$5@solani.org> <uuf07o$2lfi5$1@dont-email.me>
<uuf0er$o69$6@solani.org> <uuf1d8$2lo4r$1@dont-email.me>
<6611097c$0$11895$426a34cc@news.free.fr>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 07 Apr 2024 14:40:02 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="4ffb56ad28b3ee07a82d192d763e7ceb";
logging-data="2989259"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18naRX9NYOAfwNrnPs9BvSjKHp07bBr2/jqmWTGWOY82w=="
User-Agent: slrn/pre1.0.4-9 (Linux)
Cancel-Lock: sha1:yA3vXyV/bJ555TebRJcWIhNK8Ik=
X-Face: b{dPmN&%4|lEo,wUO\"KLEOu5N_br(N2Yuc5/qcR5i>9-!^e\.Tw9?/m0}/~:UOM:Zf]%
b+ V4R8q|QiU/R8\|G\WpC`-s?=)\fbtNc&=/a3a)r7xbRI]Vl)r<%PTriJ3pGpl_/B6!8pe\btzx
`~R! r3.0#lHRE+^Gro0[cjsban'vZ#j7,?I/tHk{s=TFJ:H?~=]`O*~3ZX`qik`b:.gVIc-[$t/e
ZrQsWJ >|l^I_[pbsIqwoz.WGA]<D

by: candycanearter07 - Sun, 7 Apr 2024 14:40 UTC

Stéphane CARPENTIER <sc@fiat-linux.fr> wrote at 08:36 this Saturday (GMT):
> Le 01-04-2024, candycanearter07 <candycanearter07@candycanearter07.nomail.afraid> a écrit :
>> Physfitfreak <physfitfreak@gmail.com> wrote at 19:03 this Monday (GMT):
>>>
>>> I get the same result with command,
>>>
>>> which
>>>
>>> by itself. So it is something about the command, not sshd.
>>
>> huh. Maybe it's implemented as a shell command?
>
> Run "type which" and you'll know, but honestly I doubt it.

For me, it's a seperate binary.
--
user <candycane> is generated from /dev/urandom

To communicate is the beginning of understanding. -- AT&T

computers / comp.os.linux.advocacy / Re: Check If Your Distro Is Vulnerable To XZ Backdoor

computers / comp.os.linux.advocacy / Re: Check If Your Distro Is Vulnerable To XZ Backdoor

Subject	Author
Check If Your Distro Is Vulnerable To XZ Backdoor	Farley Flud
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	rbowman
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Lawrence D'Oliveiro
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Lawrence D'Oliveiro
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Lawrence D'Oliveiro
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Farley Flud
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Chris Ahlstrom
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Farley Flud
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	rbowman
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	chrisv
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	rbowman
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Lawrence D'Oliveiro
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	rbowman
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Simon
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	rbowman
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Lawrence D'Oliveiro
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	rbowman
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Stéphane CARPENTIER
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Lawrence D'Oliveiro
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	cr0c0d1le
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Lawrence D'Oliveiro
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	rbowman
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Rockinghorse Winner
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	candycanearter07
Re: Check If Your Distro Is Vulnerable To XZ Backdoor	Physfitfreak