Skip to content

Instantly share code, notes, and snippets.

@bjnews
bjnews / xz-backdoor.md
Created March 31, 2024 11:55 — forked from thesamesam/xz-backdoor.md
xz-utils backdoor situation

FAQ on the xz-utils backdoor

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that gives developers lossless compression. This package is commonly used for compressing release tarballs, software packages, kernel images, and initramfs images. It is very widely distributed, statistically your average Linux or macOS system will have it installed for