Liste des Groupes | Revenir à ol advocacy |
On 3/31/24 08:01, Farley Flud wrote:Run this command to check if liblzma is linked to ssh:>
ldd "$(command -v sshd)"
For example, on Gentoo (the best distro) I get:
linux-vdso.so.1 (0x00007ffff7fcb000)
libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
regardless of what version of xz-utils is installed.
Systemd is ultimately responsible and more and more hackers will be
looking for more and better ways of exploiting that 3 million loc
pile of junk.
Don't say we didn't tell you so.
To save your systems, downgrade xz-utils AND eliminate systemd.
>
I get:
>
ldd: ./: not regular file
>
Les messages affichés proviennent d'usenet.