Third 2024 - Update/ Upgrade your Linux Systems or Reinstall it with the Fresh and Updated Version

ASAP: Upgrade your Linux systems and container images right now!

Andres Freund (Microsoft) and the PostgreSQL Developer & Committer, discovered that the upstream source tarballs for xz-utils,
the xz-format compression utilities, are compromised and inject malicious code, at build time, into the resulting liblzma5 library.
 
CVE-2024-3094
 
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0.

Comments