JWF edit: More about this now on the Fedora Magazine: (correction to the Fedora Magazine article: testing updates are not opt in in F40 but enabled by default because it is a pre-release; see update 2 below) The xz package that has already entered the current F40 pre-release versions/variants and rawhide contains malicious code. This does NOT affect users of the Fedora releases (F38, F39 are thus not affected), but all users who use already F40 pre-release versions/variants or rawhide shal...
I’m on Void, and I had the malicious version installed. Updating the system downgraded xz to 5.4.6, so it seems they are on it. I’ll be watching discussions to decide if my system might still be compromised.
I’m on Void, and I had the malicious version installed. Updating the system downgraded xz to 5.4.6, so it seems they are on it. I’ll be watching discussions to decide if my system might still be compromised.
Did you have SSH open to the internet?
No, this is just my personal laptop. I don’t even have access to an IP address I could enable port-forwarding on.
@Auli @56_ I have SSH open on internet… on ipv6, I’m safe. Do you think VPN open on the internet is safer ? (Think twice CVE-2024-21762…)
I would nuke it and rebuild. If nothing else it is a good test of backups