Me, using arch and fedora 40 beta, just ignoring it
this post was submitted on 30 Mar 2024
473 points (84.3% liked)
linuxmemes
20761 readers
1647 users here now
I use Arch btw
Sister communities:
- LemmyMemes: Memes
- LemmyShitpost: Anything and everything goes.
- RISA: Star Trek memes and shitposts
Community rules
- Follow the site-wide rules and code of conduct
- Be civil
- Post Linux-related content
- No recent reposts
Please report posts and comments that break these rules!
founded 1 year ago
MODERATORS
I'm fairly sure NixOS Unstable also has it.
Fedora got hit too.
QubesOS uses debian and fedora
I just did: "rm -rf xz"
pacman -Syu
find / -name "*xz*" | sort | grep -e '\.xz$' | xargs -o -n1 rm -i
pacman -Qqn | pacman -S -
(and please, absolutely don't run above as root. Just don't.) I carefully answered to retain any root owned files and my backups, despite knowing the backdoor wasn't included in the culprit package. This system has now "un-trusted" status, meaning I'll clean re-install the OS, once the full analysis of the backdoor payload is available.
Edit: I also booted the "untrusted" system without physical access to the web, no gui, and installed the fixed package transferred to it locally. (that system is also going to be dd if=/dev/zero'd)
Arch users are really just cannon fodder against supply chain attacks.
We're the front line dog. Strike me down so Debian Stable's legacy may live on.
Bro WTF. How about you actually read up on the backdoor before slandering Arch. The backdoor DOES NOT affect Arch.
view more: next ›