[mdlug] info about the xz backdoor
Jay
jjn at nuge.com
Sun Mar 31 10:17:55 EDT 2024
Greetings,
On Sun, 31 Mar 2024, LAP wrote:
> On Sun, 31 Mar 2024 07:33:43 -0400
> "Carl T. Miller" <carl at carltm.com> wrote:
>
>> This is a good video that explains how the backdoor
>> works and how it got there in the first place.
>>
>> https://www.youtube.com/watch?v=OHAyf0qwdCs
>>
>
> The vid contains a useful command to check ones system:
>
> ldd "$(command -v sshd)"
>
> On Gentoo, I get:
>
> linux-vdso.so.1 (0x00007ffff7fcb000)
> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>
> Thus, regardless of what version of xv-utils is installed my
> system cannot be affected.
Do tell HOW you know this? What in the output of that command
should we be looking for? The Video was a rambling blather and failed to
JUST CLEARLY SAY what we should look for.
I *think* I'm suposed to look for the existance of LIBLZMA ????
Yup, it is there in my Raspbian Buster install...
liblzma.so.5 => /lib/arm-linux-gnueabihf/liblzma.so.5 (0xb67d7000)
So be clear...what are we looking for?
Thanks!
--- Jay
P.S. Did an "apt upgrade" - no change in the output.
More information about the mdlug
mailing list