I accidentally found a security issue while benchmarking postgres changes.
If you run debian testing, unstable or some other more "bleeding edge" distribution, I strongly recommend upgrading ASAP.
I accidentally found a security issue while benchmarking postgres changes.
If you run debian testing, unstable or some other more "bleeding edge" distribution, I strongly recommend upgrading ASAP.
@AndresFreundTec Thank you for your efforts, and the excellent writeup you did when reporting what you uncovered.
It’s already clear that this whole situation will shake things up quite a bit, and rightfully so.
For those interested, see also https://boehs.org/node/everything-i-know-about-the-xz-backdoor on the history behind this…