Announcement
- Friday, 26 April 2024
- 1:04 PM
⚠️ CISA urgent security alert
Secret backdoor found in XZ Utils compression library used by major Linux distros, like Fedora, Kali Linux, and openSUSE. Attackers could breach SSH and take control of systems.
CVE-2024-3094 assigned max CVSS score of 10.0!
Versions 5.6.0 & 5.6.1 compromised with malicious code allowing unauthorized remote access.
Full report:
https://www.cisa.gov/news-events/alerts/2024/03/29/reported-supply-chain-compromise-affecting-xz-utils-data-compression-library-cve-2024-3094
If your server is running XZ Utils version 5.6.0 or 5.6.1, downgrade it to avoid security issues.
Recommended version: XZ Utils 5.4.6
To check the installed version:
xz --version
OR
yum info xz
OR
rpm -qa | grep xz
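The checks above combined into one script, as an added example that is not part of the original announcement: it reads `xz --version` and `rpm -qa` output and flags 5.6.0 and 5.6.1, including the liblzma line that `xz --version` prints. The function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag the xz / liblzma versions named in the alert.

# Print AFFECTED for 5.6.0 or 5.6.1, ok for anything else.
classify_version() {
    case "$1" in
        5.6.0|5.6.1) echo "AFFECTED" ;;
        *)           echo "ok" ;;
    esac
}

# Read `xz --version` or `rpm -qa` output on stdin and print
# "<verdict> <version> <original line>" for each xz/liblzma entry.
scan_output() {
    while IFS= read -r line; do
        case "$line" in
            xz*|liblzma*) ;;      # xz, xz-libs, xz-devel, liblzma ...
            *) continue ;;        # unrelated package or text
        esac
        # The version is the x.y.z triple at the first digit on the line.
        ver=$(printf '%s\n' "$line" |
            sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
        [ -n "$ver" ] || continue
        echo "$(classify_version "$ver") $ver $line"
    done
}

# Constructed sample input (not captured from a real host).
sample_output() {
    cat <<'EOF'
xz (XZ Utils) 5.6.1
liblzma 5.6.1
xz-libs-5.4.6-1.el9.x86_64
zlib-1.2.13-5.fc40.x86_64
EOF
}

sample_output | scan_output

# Live check on this host, using the commands from the announcement.
if command -v xz >/dev/null 2>&1; then xz --version | scan_output; fi
if command -v rpm >/dev/null 2>&1; then rpm -qa 2>/dev/null | scan_output; fi
```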
Stay Safe.
Pamir Alpha Technologies