Backdoor found in widely used Linux utility breaks encrypted SSH connections
Backdoor found in widely used Linux utility breaks encrypted SSH connections
Enlarge
/
the Internet
Back door
In
A
chain
of
binary
coded
In
A
shape
of
A
eye.
Getty
Pictures
Researchers
to have
find
A
malicious
back door
In
A
compression
tool
that
do
It is
path
In
widely
used
Linux
distributions,
including
those
Since
Red
Hat
And
Debian.
THE
compression
utility,
known
as
xz
utilities,
introduced
THE
malicious
coded
In
variants
5.6.0
And
5.6.1,
according to
has
Andres
Freund,
THE
developer
WHO
discovered
he.
There
are
No
known
reports
of
those
variants
be
incorporated
In
any of them
production
exits
For
major
Linux
distributions,
but
both
Red
Hat
And
Debian
reported
that
recently
published
beta
exits
used
has
less
A
of
THE
back door
versions - in particular,
In
Felt
Rawhide
And
Debian
essay,
unstable
And
experimental
distributions.
A
stable
release
of
Camber
Linux
East
Also
affected.
That
distribution,
However,
is not it
used
In
production
systems.
Because
THE
back door
was
discovered
Before
THE
malicious
variants
of
xz
Utilities
were
added
has
production
variants
of
Linux,
"It is
not
Really
affecting
anybody
In
THE
real
world,"
Will
Dorman,
A
senior
vulnerability
analyst
has
security
farm
Analysis,
said
In
A
online
interview.
"BUT
It is
only
because
he
was
discovered
early
due
has
bad
actor
neglect.
Had
he
not
has been
discovered,
he
would be
to have
has been
catastrophic
has
THE
world. »
Several
people,
including
two
Ars
readers,
reported
that
THE
several
apps
included
In
THE
HomeBrew
wrap
director
For
macOS
rely on
on
THE
back door
5.6.1
version
of
xz
Utilities.
HomeBrew
has
NOW
rolled
back
THE
utility
has
version
5.4.6.
Maintainers
to have
more
details
available
here.
Breakup
SSH
authentication
THE
First of all
panels
of
THE
back door
were
introduced
In
A
FEBRUARY
23
update
that
added
obscured
coded,
civil servants
Since
Red
Hat
said
In
A
E-mail.
A
update
THE
following
day
included
A
malicious
install
scenario
that
injected
himself
In
functions
used
by
shh,
THE
binary
deposit
that
makes
SSH
work.
THE
malicious
coded
has
resided
only
In
THE
archive
known versions
as
tar archives—which
are
released
upstream.
supposedly
GIT
coded
available
In
repositories
are not
affected,
although
they
TO DO
contain
Second step
artifacts
allowing
THE
injection
during
THE
build
time.
In
THE
event
THE
obscured
coded
introduced
on
FEBRUARY
23
East
here,
THE
artifacts
In
THE
GIT
version
allow
THE
back door
has
work.
THE
malicious
changes
were
submitted
by
JiaT75,
A
of
THE
two
main
xz
Utilities
developers
with
years
of
contributions
has
THE
project.
"Given
THE
activity
on
several
weeks,
THE
principal
East
either
directly
implied
Or
there
was
a few
enough
severe
compromise
of
their
system,"
Freund
wrote.
"Unfortunately
THE
last
looks
as
THE
less
likely
explanation,
given
they
communicated
on
miscellaneous
lists
about
THE
"fixes"
provided
In
recent
updates.
Those
updates
And
fixes
can
be
find
here,
here,
here,
And
here.
On
THURSDAY,
someone
using
THE
from the developer
name
took
has
A
developer
site
For
Ubuntu
has
ask
that
THE
back door
version
5.6.1
be
incorporated
In
production
variants
because
he
fixed
insects
that
cause
A
tool
known
as
Valgrind
has
malfunction.
"This
could
to break
build
scripts
And
test
pipelines
that
to wait for
specific
to go out
Since
Valgrind
In
order
has
pass,"
THE
person
warned,
Since
A
account
that
was
created
THE
even
day.
A
of
maintainers
For
Felt
said
Friday
that
THE
even
developer
approach
them
In
recent
weeks
has
ask
that
Felt
40,
A
beta
release,
to integrate
A
of
THE
back door
utility
versions.
"We
even
work
with
him
has
fix
THE
valgrind
issue
(which
he
turns
out
NOW
was
cause
by
...
Enlarge
/
the Internet
Back door
In
A
chain
of
binary
coded
In
A
shape
of
A
eye.
Getty
Pictures
Researchers
to have
find
A
malicious
back door
In
A
compression
tool
that
do
It is
path
In
widely
used
Linux
distributions,
including
those
Since
Red
Hat
And
Debian.
THE
compression
utility,
known
as
xz
utilities,
introduced
THE
malicious
coded
In
variants
5.6.0
And
5.6.1,
according to
has
Andres
Freund,
THE
developer
WHO
discovered
he.
There
are
No
known
reports
of
those
variants
be
incorporated
In
any of them
production
exits
For
major
Linux
distributions,
but
both
Red
Hat
And
Debian
reported
that
recently
published
beta
exits
used
has
less
A
of
THE
back door
versions - in particular,
In
Felt
Rawhide
And
Debian
essay,
unstable
And
experimental
distributions.
A
stable
release
of
Camber
Linux
East
Also
affected.
That
distribution,
However,
is not it
used
In
production
systems.
Because
THE
back door
was
discovered
Before
THE
malicious
variants
of
xz
Utilities
were
added
has
production
variants
of
Linux,
"It is
not
Really
affecting
anybody
In
THE
real
world,"
Will
Dorman,
A
senior
vulnerability
analyst
has
security
farm
Analysis,
said
In
A
online
interview.
"BUT
It is
only
because
he
was
discovered
early
due
has
bad
actor
neglect.
Had
he
not
has been
discovered,
he
would be
to have
has been
catastrophic
has
THE
world. »
Several
people,
including
two
Ars
readers,
reported
that
THE
several
apps
included
In
THE
HomeBrew
wrap
director
For
macOS
rely on
on
THE
back door
5.6.1
version
of
xz
Utilities.
HomeBrew
has
NOW
rolled
back
THE
utility
has
version
5.4.6.
Maintainers
to have
more
details
available
here.
Breakup
SSH
authentication
THE
First of all
panels
of
THE
back door
were
introduced
In
A
FEBRUARY
23
update
that
added
obscured
coded,
civil servants
Since
Red
Hat
said
In
A
E-mail.
A
update
THE
following
day
included
A
malicious
install
scenario
that
injected
himself
In
functions
used
by
shh,
THE
binary
deposit
that
makes
SSH
work.
THE
malicious
coded
has
resided
only
In
THE
archive
known versions
as
tar archives—which
are
released
upstream.
supposedly
GIT
coded
available
In
repositories
are not
affected,
although
they
TO DO
contain
Second step
artifacts
allowing
THE
injection
during
THE
build
time.
In
THE
event
THE
obscured
coded
introduced
on
FEBRUARY
23
East
here,
THE
artifacts
In
THE
GIT
version
allow
THE
back door
has
work.
THE
malicious
changes
were
submitted
by
JiaT75,
A
of
THE
two
main
xz
Utilities
developers
with
years
of
contributions
has
THE
project.
"Given
THE
activity
on
several
weeks,
THE
principal
East
either
directly
implied
Or
there
was
a few
enough
severe
compromise
of
their
system,"
Freund
wrote.
"Unfortunately
THE
last
looks
as
THE
less
likely
explanation,
given
they
communicated
on
miscellaneous
lists
about
THE
"fixes"
provided
In
recent
updates.
Those
updates
And
fixes
can
be
find
here,
here,
here,
And
here.
On
THURSDAY,
someone
using
THE
from the developer
name
took
has
A
developer
site
For
Ubuntu
has
ask
that
THE
back door
version
5.6.1
be
incorporated
In
production
variants
because
he
fixed
insects
that
cause
A
tool
known
as
Valgrind
has
malfunction.
"This
could
to break
build
scripts
And
test
pipelines
that
to wait for
specific
to go out
Since
Valgrind
In
order
has
pass,"
THE
person
warned,
Since
A
account
that
was
created
THE
even
day.
A
of
maintainers
For
Felt
said
Friday
that
THE
even
developer
approach
them
In
recent
weeks
has
ask
that
Felt
40,
A
beta
release,
to integrate
A
of
THE
back door
utility
versions.
"We
even
work
with
him
has
fix
THE
valgrind
issue
(which
he
turns
out
NOW
was
cause
by
...