mobox icon indicating copy to clipboard operation
mobox copied to clipboard

Published 20 hours ago verified publisher icon olegos2

xz-utils 5.6.0 is backdoored

Open NotNite opened this issue 1 year ago • 2 comments

In use in the components folder. See https://en.wikipedia.org/wiki/XZ_Utils_backdoor.

NotNite avatar Apr 09 '24 22:04 NotNite

@olegos2, could you prioritize this? It is the vulnerability where hacker could take control over the device: https://github.com/advisories/GHSA-rxwq-x6h5-x525

Added by: https://github.com/olegos2/mobox/commit/9a13f53dd9dd14925c53de67310e25fb45516a29

lvonasek avatar Apr 11 '24 19:04 lvonasek

It's not used by the mobox, I will just delete these pkgs from components

olegos2 avatar Apr 13 '24 13:04 olegos2