Call us in Switzerland
+41 41 500 48 00
Security Notice About CVE-2024-3094 (xz-utils)
Thursday, April 11, 2024
A security flaw has been found in the xz project that, under certain conditions, can work as a backdoor for world-facing openSSH servers.
This vulnerability is not present in any of the Torizon OS (formerly TorizonCore) releases.
The affected xz versions are xz 5.6.0 and xz 5.6.1. However, our current Torizon OS releases follow the upstream OpenEmbedded project, which currently ships version 5.2.6.
On official Toradex Containers, we strictly ship Debian Stable (currently codenamed 'Bookworm'), which was also never affected by this vulnerability.
No action from our customers is needed.
You may choose to manually verify this information. If so, you can:
- Refer to our manifest files.
- Use our Software Bill of Materials for both the Yocto Project and Containers.
- Refer to the official Debian CVE page.
Get Started With Torizon
- Learn more about Torizon.
- For instructions on installing and getting started, learning from the basics to the advanced, and much more, visit the Torizon page on the Toradex developer website.
Latest News
Thursday, April 4, 2024
Press Release:
Introducing Aquila - The Next Generation Toradex SoM Family Tuesday, February 20, 2024
Press Release:
Join Toradex at Japan IT Week Spring 2024 Monday, January 29, 2024
New Release:
Torizon OS 6.5.0 Quarterly Release
