Forwarded from OrangeFox Recovery NEWS
Recently, a backdoor in the xz package was reported (source: https://news.opensuse.org/2024/03/29/xz-backdoor/). Our OrangeFox infrastructure was utilizing the vulnerable version.
In order to safeguard the security of all our users, we have ultimately decided to shut down the infrastructure until we can ensure that there is no intrusion of any kind in our system.🦊
As the infrastructure operator, I acknowledge the recent downtimes and apologize for any inconvenience caused. Please stay tuned to this message as it will be updated periodically.
In order to safeguard the security of all our users, we have ultimately decided to shut down the infrastructure until we can ensure that there is no intrusion of any kind in our system.
As the infrastructure operator, I acknowledge the recent downtimes and apologize for any inconvenience caused. Please stay tuned to this message as it will be updated periodically.
Please open Telegram to view this post
VIEW IN TELEGRAM
👍1🫡1
Forwarded from mydarkstar
It was found that it is not an issue with systemd, but the fact that integrating other binaries which use liblzma with OpenSSH will lead to the issue in general.
Lennart Poettering mentions that the exploit can happen via pam->libselinux->liblzma and possibly in other cases too:
https://news.ycombinator.com/item?id=39867126
Lennart Poettering mentions that the exploit can happen via pam->libselinux->liblzma and possibly in other cases too:
https://news.ycombinator.com/item?id=39867126
Forwarded from mydarkstar
> Libselinux pulls in liblzma too and gets linked into tons more programs than libsystemd. And will end up in sshd too (at the very least via libpam/pam_selinux). And most of the really big distros tend do support selinux at least to some level. Hence systemd or not, sshd remains vulnerable by this specific attack.
#YachaBlog
Photo
No thank you, I would commit another critical CVE in the name of the USSR
Forwarded from OrangeFox Recovery NEWS
The basic services have been restored, and your security remains our top priority. We have thoroughly validated every single OrangeFox release, ensuring that none of them has been tampered with in any way.
Upon searching our servers, we found nothing suspicious, and we have taken all necessary steps to ensure the integrity of the servers. We do not store any personal data, or any device or IP identifiers, ensuring that there is nothing to leak.
We have enhanced our security infrastructure and will continue to adhere to the latest security guidelines.
- OrangeFox Team
Upon searching our servers, we found nothing suspicious, and we have taken all necessary steps to ensure the integrity of the servers. We do not store any personal data, or any device or IP identifiers, ensuring that there is nothing to leak.
We have enhanced our security infrastructure and will continue to adhere to the latest security guidelines.
- OrangeFox Team
😁3❤2
For complete nerds that wants to investigate into this backdoor - https://gynvael.coldwind.pl/?lang=en&id=782
gynvael.coldwind.pl
xz/liblzma: Bash-stage Obfuscation Explained
Forwarded from Linux / Линукс
Please open Telegram to view this post
VIEW IN TELEGRAM