Skip to content

Commit

Permalink
post: added references
Browse files Browse the repository at this point in the history
  • Loading branch information
@himazawa
himazawa committed Mar 31, 2024
1 parent e676706 commit 00a5b08
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 7 deletions.
8 changes: 4 additions & 4 deletions content/posts/xz-backdoor/index.en.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ The situation doesn't look too good so I'm trying to write this blogpost as a su
I don't want to address the technical aspect of the compromission but I want to look at the issue from the perspective of a Security Engineer, summarizing what went wrong and trying to find a remediation.

## Timeline
{{< admonition type=tip title="Note" open=true >}}
{{< admonition type=tip title="Note" open=false >}}
Check the Resources section for a link to an article with a detailed timeline
{{< /admonition >}}

Expand All @@ -47,12 +47,12 @@ Check the Resources section for a link to an article with a detailed timeline
The extent of this breach is still unkown, but here is a (partial) list of components shipping the known malicious version of `xz`:

Distributions:
- Arch
- [Arch](https://archlinux.org/news/the-xz-package-has-been-backdoored/)
- [Debian Sid](https://security-tracker.debian.org/tracker/CVE-2024-3094)
- Gentoo
- [Gentoo](https://bugs.gentoo.org/928134)
- [Fedora 40](https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users)
- Manjaro Testing
- Parabola
- [Parabola](https://www.parabola.nu/news/arch-announce-the-xz-package-has-been-backdoored/)
- NixOS Unstable
- Slackware
- [SUSE Tumbleweed](https://news.opensuse.org/2024/03/29/xz-backdoor/)
Expand Down
6 changes: 3 additions & 3 deletions content/posts/xz-backdoor/index.it.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,12 +51,12 @@ Controlla la sezione Risorse per i link ad una timeline più dettagliata
L'estensione di questo breach è ancora poco chiaro di seguito è riportata una (parziale) lista dei componenti che contiengono la versione malevola di `xz`:

Distribuzioni:
- Arch
- [Arch](https://archlinux.org/news/the-xz-package-has-been-backdoored/)
- [Debian Sid](https://security-tracker.debian.org/tracker/CVE-2024-3094)
- Gentoo
- [Gentoo](https://bugs.gentoo.org/928134)
- [Fedora 40](https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users)
- Manjaro Testing
- Parabola
- [Parabola](https://www.parabola.nu/news/arch-announce-the-xz-package-has-been-backdoored/)
- NixOS Unstable
- Slackware
- [SUSE Tumbleweed](https://news.opensuse.org/2024/03/29/xz-backdoor/)
Expand Down

0 comments on commit 00a5b08

Please sign in to comment.