How does the xz incident impacts the average user ? #xz

No Stupid Questions@lemmy.world – 93 points – 3 months ago

My mastodon feed is full of IT security specialist talking about the xz affair where someone let a backdoor in some library.

But beside showing the two side of Free/Libre software (anybody can add a backdoor, and anybody can spot it), I have no idea how it impacts the average person. Is it a common library or something used only by specific application ? Would my home-grade router protects me ?

You are viewing a single comment

View all comments Show the parent comment

Not just a day, a full month the backdoor was available. On the Arch Repo, v5.6.0 was uploaded on February 24th. Will be similar to other repos.

I believe 5.6.0 was in Debian testing for almost a month too.

Thanks for the correction. A full month is much more problematic.