I don't know if this is the best place to address this issue, but a 10.0 critical vulnerability was identified in the xz tarballs of xz package, starting with version 5.6.0. Although the version currently used in porteus is 5.25, I believe it is prudent to apply the suggested corrections.
https://nvd.nist.gov/vuln/detail/CVE-2024-3094
https://access.redhat.com/security/cve/CVE-2024-3094
CVE-2024-3094 on XZ - bacdoor - supply chain backdoor SOLVED on SLACKWARE
- maia
- Samurai
- Posts: 123
- Joined: 08 Aug 2019, 16:56
- Distribution: Porteus-5 64b Openbox
- Location: Brasil
CVE-2024-3094 on XZ - bacdoor - supply chain backdoor SOLVED on SLACKWARE
Last edited by maia on 09 Apr 2024, 20:55, edited 1 time in total.
Sorry my english is really, g##gle-tr4nsl4t0r