Re: xz backdoor
On Fri, Mar 29, 2024 at 09:09:45PM +0100, Sirius wrote:
> This is quite actively discussed on Fedora lists.
> https://www.openwall.com/lists/oss-security/2024/
> https://www.openwall.com/lists/oss-security/2024/03/29/4
>
> Worth taking a look if action need to be taken on Debian.
FWIW, just uploaded:
openssh (1:9.7p1-4) unstable; urgency=medium
* Rework systemd readiness notification and socket activation patches to
not link against libsystemd (the former via an upstream patch).
* Force -fzero-call-used-regs=used not to be used on ppc64el (it's
unsupported, but configure fails to detect this).
-- Colin Watson <cjwatson@debian.org> Wed, 03 Apr 2024 12:06:08 +0100
--
Colin Watson (he/him) [cjwatson@debian.org]
Reply to: