View Issue Details

IDProjectCategoryView StatusLast Update
0008696Kali LinuxKali Package Bugpublic2024-03-29 23:03
Reporterkali-bugreport Assigned ToGamb1t  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Summary0008696: backdoor in upstream xz/liblzma leading to ssh server compromise
Description

Only as FYI in case if Kali had imported the affected package;

https://www.openwall.com/lists/oss-security/2024/03/29/4

Activities

kali-bugreport

kali-bugreport

2024-03-29 21:51

reporter   ~0019080

Upstream issue / discussion:

https://github.com/tukaani-project/xz/issues/92

Gamb1t

Gamb1t

2024-03-29 23:03

manager   ~0019086

Thank you for the report, we were patched early this morning

https://www.kali.org/blog/about-the-xz-backdoor/

Issue History

Date Modified Username Field Change
2024-03-29 19:43 kali-bugreport New Issue
2024-03-29 21:51 kali-bugreport Note Added: 0019080
2024-03-29 23:03 Gamb1t Note Added: 0019086
2024-03-29 23:03 Gamb1t Assigned To => Gamb1t
2024-03-29 23:03 Gamb1t Status new => closed
2024-03-29 23:03 Gamb1t Resolution open => fixed