Debian: DSA-5649-1: xz-utils security update

March 29, 2024, 4:09 p.m. |

LinuxSecurity Advisories - Debian linuxsecurity.com

Andres Freund discovered that the upstream source tarballs for xz-utils, the XZ-format compression utilities, are compromised and inject malicious code, at build time, into the resulting liblzma5 library.

build code compression compromised debian dsa inject library malicious security security update update upstream utilities

Visit resource

More from linuxsecurity.com / LinuxSecurity Advisories - Debian

Debian: DSA-5679-1: less Security Advisory Updates 3 days, 14 hours ago | linuxsecurity.com

advisory debian dsa file +8

Debian: DSA-5678-1: glibc Security Advisory Updates 3 days, 16 hours ago | linuxsecurity.com

advisory arbitrary code cache code +15

Debian: DSA-5677-1: ruby3.1 Security Advisory Updates 3 days, 16 hours ago | linuxsecurity.com

advisory arbitrary code code debian +15

Debian: DSA-5676-1: chromium Security Advisory Updates 5 days, 4 hours ago | linuxsecurity.com

advisory arbitrary code chromium code +12

Debian: DSA-5675-1: chromium Security Advisory Updates 1 week, 3 days ago | linuxsecurity.com

advisory arbitrary code chromium code +12

Debian: DSA-5674-1: pdns-recursor Security Advisory Updates 1 week, 4 days ago | linuxsecurity.com

advisory debian denial of service distribution +10

Debian: DSA-5673-1: glibc Security Advisory Updates 2 weeks ago | linuxsecurity.com

advisory application arbitrary code buffer +21

Debian: DSA-5672-1: openjdk-17 Security Advisory Updates 2 weeks ago | linuxsecurity.com

advisory bullseye debian denial of service +16

Debian: DSA-5671-1: openjdk-11 Security Advisory Updates 2 weeks, 1 day ago | linuxsecurity.com

advisory bullseye debian denial of service +16

Red Team Operator

@ JPMorgan Chase & Co. | LONDON, United Kingdom

View on infosec-jobs.com

SOC Analyst

@ Resillion | Bengaluru, India

View on infosec-jobs.com

Director of Cyber Security

@ Revinate | San Francisco Bay Area

View on infosec-jobs.com

Jr. Security Incident Response Analyst

@ Kaseya | Miami, Florida, United States

View on infosec-jobs.com

Infrastructure Vulnerability Consultant - (Cloud Security , CSPM)

@ Blue Yonder | Hyderabad

View on infosec-jobs.com

Product Security Lead

@ Lely | Maassluis, Netherlands

View on infosec-jobs.com

View more jobs

all InfoSec news

Debian: DSA-5649-1: xz-utils security update

More from linuxsecurity.com / LinuxSecurity Advisories - Debian

Jobs in InfoSec / Cybersecurity

Red Team Operator

SOC Analyst

Director of Cyber Security

Jr. Security Incident Response Analyst

Infrastructure Vulnerability Consultant - (Cloud Security , CSPM)

Product Security Lead