Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall

Discussions CVE-2024-3094 backdoor in xz Library

Sophos Firewall requires membership for participation - click to join

Thread Info

State Verified Answer
Locked Locked
Replies 1 reply
Subscribers 39 subscribers
Views 1195 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CVE-2024-3094 backdoor in xz Library

Alan Brand 7 months ago

https://nvd.nist.gov/vuln/detail/CVE-2024-3094

Pretty sure UTM is not vulnerable due to older versions of the liblzma, but a statement from an Sophos official would be nice to satisfy our security people.

This thread was automatically locked due to age.

Top Replies

LuCar Toni 7 months ago +3 verified

https://www.sophos.com/en-us/security-advisories/sophos-sa-20240401-xz-backdoor

Parents

+1 LuCar Toni 7 months ago

https://www.sophos.com/en-us/security-advisories/sophos-sa-20240401-xz-backdoor

__________________________________________________________________________________________________________________
Cancel
Vote Up +3 Vote Down

Cancel

Reply

+1 LuCar Toni 7 months ago

https://www.sophos.com/en-us/security-advisories/sophos-sa-20240401-xz-backdoor

__________________________________________________________________________________________________________________
Cancel
Vote Up +3 Vote Down

Cancel

Children

No Data