Responding to XZ-Utils Vulnerability

Hello Everyone - liblzma is an encryption library used by OpenSSH, the default SSH server used in the Linux world. Based on reports from Debian and NIST, malicious code gets injected during build time. Which for most of us, is during the fresh installation of our OS. Version 5.6.0 and 5.6.1 are known to be impacted. Below you will find the output I receieved from my Debian 11 device.

$ xz -V
xz (XZ Utils) 5.2.5
liblzma 5.2.5
$

Based on the output above, I am on verison 5.2.5. This is consistent with the Debian Security Advisory, that Debian Test & Debian Unstable were the only branches impacted. If you need to downgrade or patch, the following command should work within Debian Unstable.

apt update && apt install liblzma -a 5.6.1+really5.4.5-1

2024

Javascript Cat!

how-to add oneko.js to the minimal-mistakes jekyll template.

Back to top ↑

2023

Ditching WordPress

Method of Procedure for migrating from WordPress to plain HTML.

Mom Said Redefine Success

In High School I had one dream that stands out. Own a Porsche by the time I was 26. Looking back, I have no idea where this dream came from; because I was ra...

Back to top ↑

2022

Back to top ↑

2021

Back to top ↑