- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
You must log in or # to comment.
“Engineers have been circulating an old, famous-among-programmers web comic about how all modern digital infrastructure rests on a project maintained by some random guy in Nebraska. (In their telling, Mr. Freund is the random guy from Nebraska.)”
That’s not quite right. Lasse Collin is the random guy in Nebraska. Freund is the guy that noticed the whole thing was about to topple.
Yuuuuuuup. We all owe this man beer for life.
You’re late to the party NYT.
Also, dude made a good save. Only arch users got hit lol
Arch didn’t patch it with systemd so it didn’t really affect them afaik. It did hit OpenSUSE Tumbleweed users.
-
The hack mainly targeted Debian and fedora
-
Arch doesn’t directly link openssh to liblzma, so the hack doesn’t affect arch users.
-
There was some checking in the exploit to verify that it was being built for a deb or rpm package, it didn’t build for anything else. Also, the way the exploit was loaded at runtime relied on features of systemd that Arch isn’t using. It was a dud on Arch.
nothing of value was lost
Yes
