A vulnerability (CVE-2024-3094) was found on March 9th in the xl-utils libraries on Linux systems. Since the findings, there have been releases of fixes to the issues.
- Ubuntu- Per Ubuntu all current releases are unaffected by the xl-util backdoor. If you have not set your Ubuntu for automatic updates please run the following command lines: sudo apt update && sudo apt upgrade. To have updates run unattended run the following command line after the above command: sudo apt install unattended-upgrades apt-listchanges bsd-mailx. Lastly to have unattended security updates install run the following command: sudo dpkg-reconfigure -plow unattended-upgrades
- Debian- For Debian-based systems please first run the update and upgrade commands (you only really need the update command) as follows: sudo-apt get update followed by sudo apt-get upgrade. Once you have run these two commands, run the following command: apt-cache policy liblzma5 if the version is 5.6.0-0.2 then we need to update the version. Please run the following command: sudo apt update && sudo apt install -y --only-upgrade liblzma5. Once you have run this command please run the original command: apt-cache policy liblzma5 and see if there has been a change in versions to the 5.6.1 from the 5.6.0
- Before:
