Skip to content

Commit

Permalink
deploy: 959f944
Browse files Browse the repository at this point in the history
  • Loading branch information
@himazawa
himazawa committed Mar 31, 2024
1 parent 07fef60 commit fd67692
Show file tree
Hide file tree
Showing 13 changed files with 18 additions and 18 deletions.
2 changes: 1 addition & 1 deletion en/sitemap.xml
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="http://www.w3.org/1999/xhtml"><url><loc>https://appsec.space/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/"/></url><url><loc>https://appsec.space/tags/backdoor/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/backdoor/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/backdoor/"/></url><url><loc>https://appsec.space/tags/cve-2024-3094/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/cve-2024-3094/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/cve-2024-3094/"/></url><url><loc>https://appsec.space/tags/liblzma/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/liblzma/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/liblzma/"/></url><url><loc>https://appsec.space/posts/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/posts/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/posts/"/></url><url><loc>https://appsec.space/tags/security-engineering/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/security-engineering/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/security-engineering/"/></url><url><loc>https://appsec.space/tags/supply-chain/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/supply-chain/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/supply-chain/"/></url><url><loc>https://appsec.space/tags/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/"/></url><url><loc>https://appsec.space/posts/xz-backdoor/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/posts/xz-backdoor/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/posts/xz-backdoor/"/></url><url><loc>https://appsec.space/tags/xz/</loc><lastmod>2024-03-31T12:43:26+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/xz/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/xz/"/></url><url><loc>https://appsec.space/categories/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/categories/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/categories/"/></url><url><loc>https://appsec.space/categories/general-knowledge/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/categories/general-knowledge/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/categories/general-knowledge/"/></url><url><loc>https://appsec.space/tags/infosec/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/infosec/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/infosec/"/></url><url><loc>https://appsec.space/tags/rants/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/rants/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/rants/"/></url><url><loc>https://appsec.space/tags/security-theatre/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/security-theatre/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/security-theatre/"/></url><url><loc>https://appsec.space/posts/security-theatre/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/posts/security-theatre/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/posts/security-theatre/"/></url><url><loc>https://appsec.space/categories/blog-news/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/posts/long-time-no-see/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/posts/long-time-no-see/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/posts/long-time-no-see/"/></url><url><loc>https://appsec.space/tags/updates/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/updates/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/updates/"/></url><url><loc>https://appsec.space/tags/ai/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/tags/code-review/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/posts/mycroft-ai-rce/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/tags/vocal-assistant/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/categories/vulnerability-research/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/tags/writeup/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/about/</loc><lastmod>2023-03-21T22:11:59+01:00</lastmod><changefreq>weekly</changefreq><priority>0.5</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/about/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/about/"/></url></urlset>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="http://www.w3.org/1999/xhtml"><url><loc>https://appsec.space/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/"/></url><url><loc>https://appsec.space/tags/backdoor/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/backdoor/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/backdoor/"/></url><url><loc>https://appsec.space/tags/cve-2024-3094/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/cve-2024-3094/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/cve-2024-3094/"/></url><url><loc>https://appsec.space/tags/liblzma/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/liblzma/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/liblzma/"/></url><url><loc>https://appsec.space/posts/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/posts/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/posts/"/></url><url><loc>https://appsec.space/tags/security-engineering/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/security-engineering/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/security-engineering/"/></url><url><loc>https://appsec.space/tags/supply-chain/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/supply-chain/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/supply-chain/"/></url><url><loc>https://appsec.space/tags/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/"/></url><url><loc>https://appsec.space/posts/xz-backdoor/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/posts/xz-backdoor/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/posts/xz-backdoor/"/></url><url><loc>https://appsec.space/tags/xz/</loc><lastmod>2024-03-31T15:16:00+02:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/xz/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/xz/"/></url><url><loc>https://appsec.space/categories/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/categories/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/categories/"/></url><url><loc>https://appsec.space/categories/general-knowledge/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/categories/general-knowledge/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/categories/general-knowledge/"/></url><url><loc>https://appsec.space/tags/infosec/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/infosec/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/infosec/"/></url><url><loc>https://appsec.space/tags/rants/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/rants/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/rants/"/></url><url><loc>https://appsec.space/tags/security-theatre/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/security-theatre/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/security-theatre/"/></url><url><loc>https://appsec.space/posts/security-theatre/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/posts/security-theatre/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/posts/security-theatre/"/></url><url><loc>https://appsec.space/categories/blog-news/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/posts/long-time-no-see/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/posts/long-time-no-see/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/posts/long-time-no-see/"/></url><url><loc>https://appsec.space/tags/updates/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/tags/updates/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/tags/updates/"/></url><url><loc>https://appsec.space/tags/ai/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/tags/code-review/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/posts/mycroft-ai-rce/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/tags/vocal-assistant/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/categories/vulnerability-research/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/tags/writeup/</loc><lastmod>2024-03-30T22:00:02+01:00</lastmod><changefreq>weekly</changefreq><priority>1</priority></url><url><loc>https://appsec.space/about/</loc><lastmod>2023-03-21T22:11:59+01:00</lastmod><changefreq>weekly</changefreq><priority>0.5</priority><xhtml:link rel="alternate" hreflang="it" href="https://appsec.space/it/about/"/><xhtml:link rel="alternate" hreflang="en" href="https://appsec.space/about/"/></url></urlset>
2 changes: 1 addition & 1 deletion index.json
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion index.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ He was optimizing his infrastructure and found that ssh was suspiciously slow.
<li>MacPorts</li>
<li>pkgsrc</li>
</ul>
<p>At the moment we know that the there are checks in the backdoor to <a href="" rel="">target Linux instances and only x86_64/amd64</a> builds so the real number could be downsized, but since the entire situation is unclear I would not reccommend to keep a compromised package on your system.</p>
<p>At the moment we know that there are checks in the backdoor to <a href="" rel="">target Linux instances and only x86_64/amd64</a> builds so the real number could be downsized, but since the entire situation is unclear I would not reccommend to keep a compromised package on your system.</p>
<h2 id="considerations" class="headerLink">
<a href="#considerations" class="header-mark"></a>3 Considerations</h2><h3 id="the-github-behavior" class="headerLink">
<a href="#the-github-behavior" class="header-mark"></a>3.1 The GitHub Behavior</h3><p>The reasons behind the <code>xz</code> repositories lockdown are still a mistery to me, especially knowing that with the source code available additional anaysis on the backdoor could be performed.</p>
Expand Down
2 changes: 1 addition & 1 deletion posts/index.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,7 @@ He was optimizing his infrastructure and found that ssh was suspiciously slow.
<li>MacPorts</li>
<li>pkgsrc</li>
</ul>
<p>At the moment we know that the there are checks in the backdoor to <a href="" rel="">target Linux instances and only x86_64/amd64</a> builds so the real number could be downsized, but since the entire situation is unclear I would not reccommend to keep a compromised package on your system.</p>
<p>At the moment we know that there are checks in the backdoor to <a href="" rel="">target Linux instances and only x86_64/amd64</a> builds so the real number could be downsized, but since the entire situation is unclear I would not reccommend to keep a compromised package on your system.</p>
<h2 id="considerations" class="headerLink">
<a href="#considerations" class="header-mark"></a>3 Considerations</h2><h3 id="the-github-behavior" class="headerLink">
<a href="#the-github-behavior" class="header-mark"></a>3.1 The GitHub Behavior</h3><p>The reasons behind the <code>xz</code> repositories lockdown are still a mistery to me, especially knowing that with the source code available additional anaysis on the backdoor could be performed.</p>
Expand Down
Loading

0 comments on commit fd67692

Please sign in to comment.