• Garnet: Running Debian Sid, so affected by vulnerability; hastily downgraded to 5.4.5
  • Amethyst: FreeBSD still ships 5.4.x
  • Pearl: Obsolete and currently unused hardware, so Linux hasn’t been updated since October and OSX hasn’t been updated since 2009.
  • Pearl-II: Void Linux still ships with 5.4.x, and the malware requires glibc anyway (I’m running musl); macOS partition still has 5.4.x (which is strange, given that I use pkgsrc, which shipped 5.6.x)
  • LapisLazuli: According to Mageia, everything’s fine
  • Spinel: Running Raspbian Stable, which still ships 5.4.x
  • 30p87@feddit.de
    link
    fedilink
    arrow-up
    2
    ·
    8 months ago

    For me, it’s not a pleasure to inform you that all of my machines run Arch testing, including the server with port 22 open, and therefore had the backdoor for over a month. On the other hand, it should not have been compiled in actually, as it should only target Debian and RPM.