Ask HN: Am I safe regarding xz?
Upon seeing the xz backdoor reports, I checked my version and saw that my machine (arch btw) contained the compromised version. I swiftly updated to a patched version but am unsure of how to detect if it has been exploited.
I had no ports open for ssh (or anything else), but the sshd service was active.
What should I do ? Wipe and reinstall my distro, or am I safe ?
Thanks
1 comment
[ 3.8 ms ] story [ 10.5 ms ] threadofc this doesn't rule out any as-of-yet unknown vulnerabilities in xz/liblzma.