Conversation

Notices

1. Sandra (sandra@idiomdrottning.org)'s status on Sunday, 31-Mar-2024 12:37:32 UTC Sandra

   This is wrong:

   Using systemd on publicly accessible ssh: update RIGHT NOW NOW NOW
   Otherwise: update RIGHT NOW NOW but prioritize the former

   https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27

   No, the exploit doesn’t rely on systemd being run or even installed. If you have the poisoned version, update right away please. The infected version is infected even without systemd (just as long as it’s run as other than arg0, which is the case with many init systems.). Now, it is because of systemd that Debian and Red Hat shipped a version of sshd that was dynamically linked to liblzma. So that’s the connection to systemd. But it’s “SSH linked to liblzma” that’s exploited, not “SSH inited by systemd”.

   • Santa Claes 🇸🇪🇭🇰🎅 likes this.
   • Sandra (sandra@idiomdrottning.org)'s status on Sunday, 31-Mar-2024 12:37:34 UTC Sandra

     in reply to

     • phoenix🐧🏕🏞🚀🍝
     @phoenix
     
     This what.
   • Santa Claes 🇸🇪🇭🇰🎅 (clacke@libranet.de)'s status on Sunday, 31-Mar-2024 12:37:34 UTC Santa Claes 🇸🇪🇭🇰🎅

     in reply to

     • phoenix🐧🏕🏞🚀🍝
     @Sandra @phoenix That means "full agreement with what you just said".
   • phoenix🐧🏕🏞🚀🍝 (phoenix@chaos.social)'s status on Sunday, 31-Mar-2024 12:37:35 UTC phoenix🐧🏕🏞🚀🍝

     in reply to

     @Sandra this.