Matt Faulkner

Professional Goober

Responding to XZ-Utils Vulnerability

Hello Everyone - liblzma is an encryption library used by OpenSSH, the default SSH server used in the Linux world. Based on reports from Debian and NIST, malicious code gets injected during build time. Which for most of us, is during the fresh installation of our OS. Version 5.6.0 and 5.6.1 are known to be impacted. Below you will find the output I receieved from my Debian 11 device.

$ xz -V
xz (XZ Utils) 5.2.5
liblzma 5.2.5
$

Based on the output above, I am on verison 5.2.5. This is consistent with the Debian Security Advisory, that Debian Test & Debian Unstable were the only branches impacted. If you need to downgrade or patch, the following command should work within Debian Unstable.

apt update && apt install liblzma -a 5.6.1+really5.4.5-1

Reference Links

2024 27
2023 13
2022 4
2021 7

2024

November 14, 2024

Secure Your Linux Box

October 7, 2024

Matt’s Guide to Securing a Linux Box for Production.

Deploying NextCloud AIO

October 6, 2024

My Website Architecture

September 16, 2024

Quick overview of my websites architecture.

Exploring Glacier National Park

September 9, 2024

One Night in Glacier NP - 2024

Images from the Nebraska DLC

September 1, 2024

Exploring and capturing the scenery in American Truck Simulator, Nebraska DLC

Sail High Seas Safely!

August 3, 2024

how-to be safe while downloading linux isos.

Jackson-Faulkner Family Trip 2024

July 31, 2024

Exploring South Dakota with the Jacksons.

Serving Up WebP instead of PNG

July 22, 2024

how I reduced my home page 610 percent.

Javascript Cat!

July 1, 2024

how-to add oneko.js to the minimal-mistakes jekyll template.

Growing Cannabis Notes

July 1, 2024

My personal running notes for growing cannabis.

SMB Mount Errors found in dmesg

May 27, 2024

Dealing with CIFS errors between TrueNAS and Debian.

Bounce a Juniper Switchport

May 27, 2024

how-to bounce a Juniper JunOS switchport.

Fixing apt error, ‘list of sources could not be read’

May 15, 2024

how-to fix ‘the list of sources could not be read.’ when using apt.

Basic Network Troubleshooting

May 12, 2024

how-to troubleshoot a home network, by a Network Engineer.

Moving to Caddy

May 12, 2024

Moving my webserver from OpenLiteSpeed to Caddy

Could Not Resolve Error in apt

April 20, 2024

how-to resolve, could not resolve packages.adoptium.net

Responding to XZ-Utils Vulnerability

April 5, 2024

how-to validate XZ-Utils impact.

Ninite is Awesome

April 3, 2024

How and Why I use Ninite

Certbot Renewal on OpenLiteSpeed

March 31, 2024

Manually renewing Certbot on OpenLiteSpeed

YABS Results

March 31, 2024

Yet Another Benchmark Results

Basic Linux Administration

March 30, 2024

Linux Basics and Core Concepts by Matt F.

How to Setup and Manage a Web Domain

March 29, 2024

how-to Buy and Manage a Web Domain

Learn Linux in 5 Days

March 29, 2024

My Udemy Course Completion Certification.

2013 Scion FRS Service Manual

March 20, 2024

Scion FRS Service Manual Download and Sources

My Discord Server

February 14, 2024

My Discord Server Widget

Migrating to BunnyCDN

January 4, 2024

How I moved from QUIC.Cloud to BunnyNet CDN.

Back to top ↑

2023

99.99% Uptime Goal for 2024

December 30, 2023

My High Uptime Plan for 2024.

Magic The Gathering Notes

December 17, 2023

Personal notes for Magic the Gathering

HTML Hobbiest Webring

December 17, 2023

HTML Hobbiest Webring Landing Page/Post

Ditching WordPress

December 15, 2023

Method of Procedure for migrating from WordPress to plain HTML.

W900 Tuning Pack

November 2, 2023

W900 Tuning Pack DLC Review.

Goodbye Google Domains

September 25, 2023

Google Domains is Ending.

Experience OpenLiteSpeed

September 21, 2023

Deep dive into OpenLiteSpeed webserver.

Struggles with Jekyll and Cloudflare Pages

August 11, 2023

how-to resolve my Jekyll/Cloudflare Pages deployment error.

Mom Said Redefine Success

August 11, 2023

In High School I had one dream that stands out. Own a Porsche by the time I was 26. Looking back, I have no idea where this dream came from; because I was ra...

Cow Town Hoe Down - 2023

August 10, 2023

Personal ramblings about my new town.

Knowledge Sharing

July 11, 2023

Knowledge Filled PDF Bundle

Jellyfin Guide for Friends and Family

May 17, 2023

how-to Jellyfun.

My ProtonMail Review

April 20, 2023

ProtonMail Review - 1 Year

Back to top ↑

2022

Managing Pi-Hole - A Guide for Beginners in 2022

September 6, 2022

how-to manage Pi-Hole.

Matt’s Desktop Build in 2022

June 24, 2022

My new Gaming PC. Its boring but it’ll do.

Ad-Blocking on the Go using Pi-Hole and Pi-VPN in the Cloud

January 26, 2022

how-to setup Pi-Hole and Wireguard on Linode.

How To Change The Hostname of a Raspberry Pi

January 10, 2022

how-to update the hostname of a Raspberry Pi.

Back to top ↑

2021

Using A Raspberry Pi Zero To Host a VPN Server

November 13, 2021

Can a Raspberry Pi Zero host a family VPN Server? Yes.

Logitech G413 Carbon - Keyboard Review

October 26, 2021

Logitech G413 Keyboard review.

Razer Huntsman Mini - My First Keyboard Review

September 24, 2021

Razer Huntsman Mini review.

Weekend with the Bois - June 2021 Video

June 7, 2021

YouTube video cruising through Colorado!

PiAware - One Month of Ownership

June 7, 2021

Ramblings about PiAware after one month of operation.

Setup a Headless Raspberry Pi - For Beginners

April 23, 2021

Guide to setup a Raspberry Pi from start to finish!

Setting the Timezone on your Raspberry Pi 4

March 24, 2021

Guide to configuring the Timezone on a Raspberry Pi.

Back to top ↑