On 2024-04-03 19:15, David Cook via Koha-devel wrote:
Hi all,
This isn’t related to Koha per se, but I thought I’d share it for anyone who hasn’t seen it: https://en.wikipedia.org/wiki/XZ_Utils_backdoor <https://en.wikipedia.org/wiki/XZ_Utils_backdoor>
All the more reason to have things like Kohacon so that we actually know each other…
Thanks David. For those using Debian: "Right now no Debian stable versions are known to be affected. Compromised packages were part of the Debian testing, unstable and experimental distributions" <https://lists.debian.org/debian-security-announce/2024/msg00057.html> and Ubuntu: "The affected version of xz-utils was only in noble-proposed, and was removed before migrating to noble itself. No released versions of Ubuntu were affected by this issue." <https://ubuntu.com/security/CVE-2024-3094> Now back to my trusty old Koha 3.8.24, current server up-time 1,410 days ;=} Paul
David Cook
Senior Software Engineer
Prosentient Systems
Suite 7.03
6a Glen St
Milsons Point NSW 2061
Australia
Office: 02 9212 0899
Online: 02 8005 0595
_______________________________________________ Koha-devel mailing list Koha-devel@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel website : https://www.koha-community.org/ git : https://git.koha-community.org/ bugs : https://bugs.koha-community.org/