Call us in Switzerland
+41 41 500 48 00
Security Notice About CVE-2024-3094 (xz-utils)
quinta-feira, 11 de abril de 2024
A security flaw has been found in the xz project that, under certain conditions, can work as a backdoor for world-facing openSSH servers.
This vulnerability is not present in any of the Torizon OS (formerly TorizonCore) releases.
The affected xz versions are xz 5.6.0 and xz 5.6.1. However, our current Torizon OS releases follow the upstream OpenEmbedded project, which currently ships version 5.2.6.
On official Toradex Containers, we strictly ship Debian Stable (currently codenamed 'Bookworm'), which was also never affected by this vulnerability.
No action from our customers is needed.
You may choose to manually verify this information. If so, you can:
- Refer to our manifest files.
- Use our Software Bill of Materials for both the Yocto Project and Containers.
- Refer to the official Debian CVE page.
Get Started With Torizon
- Learn more about Torizon.
- For instructions on installing and getting started, learning from the basics to the advanced, and much more, visit the Torizon page on the Toradex developer website.
Notícias recentes
quinta-feira, 4 de abril de 2024
Press Release:
Introducing Aquila - The Next Generation Toradex SoM Family terça-feira, 20 de fevereiro de 2024
Press Release:
Join Toradex at Japan IT Week Spring 2024 segunda-feira, 29 de janeiro de 2024
New Release:
Torizon OS 6.5.0 Quarterly Release
