PLEASE. I keep seeing it in memes. As I understand it the latest version of the xz package (present in rolling release distros like Arch and SUSE Tumbleweed) has “a backdoor”, but I have no earthly clue what can be done by malicious folks with access to that backdoor or if I should be afraid or how to check if my distro is compromised or how to prevent damage if it is or (…)

  • @[email protected]
    link
    fedilink
    English
    128 months ago

    From my understanding, Arch based distros don’t link ssh with systemd, and so are likely unaffected. That includes EndeavourOS. Since researchers are still analyzing the code, Arch took some steps to patch it anyways, just in case there some other hidden backdoor.

    • @[email protected]
      link
      fedilink
      English
      48 months ago

      Well that’s good to know. Still feeling pretty cozy on fedora, even got secure boot on for whatever that’s worth. Likely not much.