this post was submitted on 31 Mar 2024
209 points (94.8% liked)

linuxmemes

20880 readers
8 users here now

I use Arch btw

Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
209
I feel like I'm using this template too much (lemmy.ca)
submitted 7 months ago by [email protected] to c/[email protected]
19 comments fedilink hide all child comments
 
  • Garnet: Running Debian Sid, so affected by vulnerability; hastily downgraded to 5.4.5
  • Amethyst: FreeBSD still ships 5.4.x
  • Pearl: Obsolete and currently unused hardware, so Linux hasn't been updated since October and OSX hasn't been updated since 2009.
  • Pearl-II: Void Linux still ships with 5.4.x, and the malware requires glibc anyway (I'm running musl); macOS partition still has 5.4.x (which is strange, given that I use pkgsrc, which shipped 5.6.x)
  • LapisLazuli: According to Mageia, everything's fine
  • Spinel: Running Raspbian Stable, which still ships 5.4.x
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 7 months ago (2 children)

what does Steam use?

[–] [email protected] 3 points 7 months ago (1 children)

You mean steam deck? Custom version of arch. But even pacman is locked by default there so I doubt the naughty package made it there

[–] [email protected] 1 points 7 months ago (1 children)

I think Steam runtime has some xz stuff does it not?

[–] [email protected] 1 points 7 months ago

Everything has it to some degree. More important is:

  1. is it using the compromised version?
  2. Is ssh package using sysytemd-notify?
  3. Is ssh server service being open to the internet?