knoppix<p>At least 35 Linux images on Docker Hub still contain the XZ-Utils backdoor, CVE-2024-3094 🐛<br>Binarly warns that many are still publicly available and transitively used in other builds ⚠️</p><p>Debian declined removal, citing low risk and archival value 📦<br>Users are advised to manually check and avoid using outdated images 🔍</p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@BleepingComputer" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>BleepingComputer</span></a></span> </p><p><a href="https://www.bleepingcomputer.com/news/security/docker-hub-still-hosts-dozens-of-linux-images-with-the-xz-backdoor/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/docker-hub-still-hosts-dozens-of-linux-images-with-the-xz-backdoor/</span></a></p><p><a href="https://mastodon.social/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a> <a href="https://mastodon.social/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Docker</span></a> <a href="https://mastodon.social/tags/DockerHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DockerHub</span></a> <a href="https://mastodon.social/tags/XZUtils" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XZUtils</span></a> <a href="https://mastodon.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/SupplyChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SupplyChain</span></a> <a href="https://mastodon.social/tags/Backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backdoor</span></a> <a href="https://mastodon.social/tags/Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Debian</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a></p>