PSA: ssh backdoor found in xz/liblzma

This is not related to an OpenAI service, this is a general PSA for Server owners, be it a VPS, kubernetes, co-lo… anything running ssh, check with your service provider that they are aware of the issue and if needs be read the article to understand and mitigate your risks.

oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise

5 Likes

Stable versions of distributions are ok

3 Likes

Deep Dive into XZ Utils Backdoor - Columbia Engineering, Advanced Systems Programming Guest Lecture

3 Likes