Rodeo ,

Panik: your Debian stable system is so ancient it still contains the heartbleed bug.

bruhduh ,
@bruhduh@lemmy.world avatar

Is linux 6.1 vulnerable to heartbleed? I'm on lmde6 with linux 6.1 btw) edit: as other comment said debian 12 is good so everything alright

areyouevenreal ,

I don't think heartbleed is a kernel bug

HelloHotel ,
@HelloHotel@lemmy.world avatar

Its a CPU bug only the kernel can fix 🤒.
The kernel is responsible for its running hardware.

Am I dumb? that's the spectere and meltdown bug.
xz-utils malware is a whole other thing, lol.

areyouevenreal ,

Heartbleed isn't a hardware vulnerability either. It's a bug in OpenSSL. Are you alright?

HelloHotel ,
@HelloHotel@lemmy.world avatar

Clearly not, lol. Every vulnerability is spectere aparently. (To be fair, the other CVE this week is hardware based)

areyouevenreal ,

Heartbleed isn't new either. It's from years ago. It's also unrelated to the xz backdoor. Maybe you should get some rest. Check your carbon monoxide alarms are working. If not see a doctor. It sounds like you are having memory issues.

shotgun_crab ,

Still paniking, cause the backdoor was apparently targetting Debian servers, it was discovered just by chance and the "mantainer" made commits for 2 years in the same repo

possiblylinux127 ,
@possiblylinux127@lemmy.zip avatar

The fact that this was planned is what makes me nervous. Imagine what else is lurking.

dan ,
@dan@upvote.au avatar

and it was only discovered accidentally, when someone was profiling some stuff, noticed SSH using a bit too much CPU power when receiving connections even for invalid usernames/passwords, and spent the time to investigate it more deeply. A lot of developers aren't that attentive, and it could have easily snuck through.

  • Alle
  • Abonniert
  • Moderiert
  • Favoriten
  • linuxmemes@lemmy.world
  • random
  • haupteingang
  • Alle Magazine
    •