|
|
|
|
|
|
by nijave
715 days ago
|
|
|
Right but it was injected from data in a "corrupt" xz file in the repo under certain conditions >This injects an obfuscated script to be executed at the end of configure. This
script is fairly obfuscated and data from "test" .xz files in the repository. >The files containing the bulk of the exploit are in an obfuscated form in
tests/files/bad-3-corrupt_lzma2.xz
tests/files/good-large_compressed.lzma
committed upstream |
|
|