Author: Martin Steigerwald Date: To: DNG CC: Marin Ivanov Subject: Re: [DNG] [SECURITY] [DSA 5649-1] xz-utils security update
Marin Ivanov - 30.03.24, 18:33:17 CET: > Devuan is not affected.
>
> > Devuan is not affected by the latest vulnerability caused by systemd.
> > The malicious backdoor in xz/liblzma is a vector for remote
> > exploitation of the ssh daemon due to a dependency on systemd for
> > notifications and due to systemd's call to dlopen() liblzma library
> > (CVE-2024-3094)
> Src: https://twitter.com/DevuanOrg/status/1774029432979653069