0 points

Maybe Manjaro should delay update even longer to make it extra secure /s

permalink
report
reply
0 points

Ngl manjaro beeing slow as saved my ass more than once

permalink
report
parent
reply
0 points

Tbh Manjaro has made my system unbootable before with a system update, base Arch has never done that for me. I think Manjaro is just poorly constructed, or maybe it’s bc of all the packages that come pre installed with it causing problems. Minimal installs ftw

permalink
report
parent
reply
0 points

i had bootfails on both systems, shit happens just boot from usb then changeroot into your system to repair

permalink
report
parent
reply
0 points
*

The malicious changes were submitted by JiaT75, one of the two main xz Utils developers with years of contributions to the project.

“Given the activity over several weeks, the committer is either directly involved or there was some quite severe compromise of their system,” Freund wrote. “Unfortunately the latter looks like the less likely explanation, given they communicated on various lists about the ‘fixes’” provided in recent updates. Those updates and fixes can be found here, here, here, and here. https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/

That really sucks. This kind of thing can make people and companies lose trust in open source. I wonder if we will learn the reason behind that. I would guess the developer was paid a lot of money by some organization to risk ruining his reputation like that.

permalink
report
reply
0 points

Like the exact same thing can not happen in a closed source codebase. It probably does daily. Since closed codebases the due dilligence and reviews cost money, and nobody can see the state. They are intentionally neglected.
Open source nor closed source is immune to the 5$ wrench hack

permalink
report
parent
reply
0 points

Can’t decide which one is more relevant - the $5 wrench hack, or any sort of blackmailing.

XKCD 538 - Security

XKCD 416 - Zealous Autoconfig

permalink
report
parent
reply
2 points

Panik: your Debian stable system is so ancient it still contains the heartbleed bug.

permalink
report
reply

Your Debian stable system is so ancient you got bigger vulnerabilities to worry about: Panik!

Also the problem was that Debian’s sshd linked to liblzma for some systemd feature to work. This mod was done by Debian team.

permalink
report
reply
0 points

What do you mean bigger vulnerabilitirs to worry about in Debian stable?

permalink
report
parent
reply
0 points
*

Arch wasn’t even targeted😎
I still had a backdoored package for over 1 month tho haha

permalink
report
reply

linuxmemes

!linuxmemes@lemmy.world

Create post

Hint: :q!


Sister communities:

Community rules (click to expand)

1. Follow the site-wide rules
2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of “peasantry” to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
4. No recent reposts
  • Everybody uses Arch btw, can’t quit Vim, and wants to interject for a moment. You can stop now.

 

Please report posts and comments that break these rules!


Important: never execute code or follow advice that you don’t understand or can’t verify, especially here. The word of the day is credibility. This is a meme community – even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don’t fork-bomb your computer.

Community stats

  • 6.3K

    Monthly active users

  • 1.1K

    Posts

  • 24K

    Comments