Clonezilla Live Is Now Patched Against the XZ Backdoor, Powered by Linux 6.7

posted by Marius Nestor on Apr 18, 2024



Clonezilla Live 3.1.2-22 is the second installment in the Clonezilla Live 3.1.2 series mostly as an emergency release to patch the live system against the recent XZ backdoor by downgrading the xz-utils package from version 5.6.0 to version 5.4.5, the latter not being affected by the backdoor, which allowed a remote attacker to compromise the SSH server.

As such, you should delete the previous Clonezilla Live 3.1.2-9 ISO from your system and use this new version instead, which also ships with a newer kernel, namely Linux 6.7.9-2 from the Debian Sid repositories. The previous Clonezilla Live version used Linux kernel 6.6.11-1, so the new kernel should provide for better hardware support.

Read on