It looks like more analysis has revealed this is an RCE with the payload in the modulus of a public key: "The payload is extracted from the N value (the public key) passed to RSA_public_decrypt, checked against a simple fingerprint, and decrypted with a fixed ChaCha20 key before the Ed448 signature verification..." Also see <https://www.openwall.com/lists/oss-security/2024/03/30/36>.