AVG-2851 log

Package xz
Status Fixed
Severity Critical
Type authentication bypass
Affected 5.6.0-1
Fixed 5.6.1-2
Current 5.6.1-3 [core]
Ticket None
Created Fri Mar 29 17:40:01 2024
Issue Severity Remote Type Description
CVE-2024-3094 Critical Yes Authentication bypass
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. The tarballs included extra .m4 files, which contained...
Date Advisory Package Type
29 Mar 2024 ASA-202403-1 xz arbitrary code execution