.xz

XZ Compressed

XZ is a lossless compression format using the LZMA2 algorithm, developed by Lasse Collin and the Tukaani Project in 2009. It achieves higher compression ratios than gzip and bzip2 and is the standard format for Linux kernel and GNU source tarballs.

اقرأ المزيد ↓

بنية الصيغة

Header magic bytes

Entries compressed files

Index directory

ArchiveLZMA2CRC64 / SHA-256Streamable2009

بواسطة FileDex

غير قابل للتحويل

XZ decompression requires liblzma not available in browser WASM.

أسئلة شائعة

How do I open or inspect an XZ file?

Use xz -dk file.xz to decompress while keeping the original, or xzcat file.xz | head to preview content without full extraction. On Windows, 7-Zip opens .xz files natively. Use xz --list file.xz to view compression stats without extracting.

What is the xz-utils backdoor (CVE-2024-3094)?

In March 2024, a supply chain attack was discovered in xz-utils versions 5.6.0 and 5.6.1. Malicious code was injected into the build system that modified liblzma to backdoor sshd on systemd-based Linux distributions. The compromised versions were quickly pulled from package repositories.

Should I use XZ or Zstandard for new projects?

Zstandard is preferred when decompression speed matters — it decompresses 5-10x faster than XZ. XZ is preferred when maximum compression ratio is the priority and decompression speed is less important, such as for archival or one-time distribution downloads.

Does XZ support multi-threaded compression?

Yes. XZ Utils 5.2+ supports multi-threaded compression via xz -T0 (auto-detect cores) or xz -T8 (8 threads). Decompression of multi-threaded output is compatible with any single-threaded xz decoder.

ما يميز .XZ

What is an XZ file?

XZ is a lossless data compression format that uses the LZMA2 algorithm to achieve high compression ratios. It is widely used in the Linux ecosystem for distributing source code tarballs and software packages. XZ typically achieves better compression than gzip and bzip2 at the cost of slower compression speed.

اكتشف التفاصيل التقنية

How to open XZ files

7-Zip (Windows) — Free, open-source
tar (Linux, macOS) — tar -xf archive.tar.xz
xz (Linux, macOS) — xz -d file.xz
PeaZip (Windows, Linux) — Free GUI

Technical specifications

Property	Value
Algorithm	LZMA2
Compression Ratio	Higher than gzip/bzip2
Integrity Check	CRC32, CRC64, SHA-256
Multi-threading	Supported
Decompression RAM	Typically 10-100 MB

Common use cases

Linux packages: Source tarballs (.tar.xz) for distro packaging.
Software distribution: Compressed releases on GNU/Linux.
Archiving: High-ratio compression for long-term storage.
Kernel releases: Linux kernel source archives.

المرجع التقني

المواصفات CLI التحويلات الأمان المنظومة

نوع MIME: application/x-xz
Magic Bytes: FD 37 7A 58 5A 00 XZ signature bytes.
المطوّر: Lasse Collin / Tukaani Project
سنة التقديم: 2009
معيار مفتوح: نعم

00000000FD377A585A00 .7zXZ.

XZ signature bytes.

البنية الثنائية

An XZ file contains one or more streams, each independently decompressible. Each stream starts with a 12-byte stream header: the 6-byte magic FD 37 7A 58 5A 00, followed by 2 bytes of stream flags (indicating the integrity check type), and a 4-byte CRC32 of the stream flags. The stream body contains one or more blocks, each with a block header (compressed and uncompressed size, filter chain) followed by compressed data and optional padding. After the blocks, an index section records the offset and uncompressed size of each block for random access. The stream ends with a 12-byte stream footer: a 4-byte CRC32, 4 bytes of backward size (pointing to the index), a copy of the stream flags, and the 2-byte footer magic 59 5A (YZ — the original magic reversed).

Offset	Length	Field	Example	Description
`0x00`	`6 bytes`	Stream Header Magic	`FD 37 7A 58 5A 00`	Identifies the file as an XZ compressed stream. The bytes decode as: FD (non-ASCII guard), 7A 58 5A (7XZ in ASCII), 00 (null terminator).
`0x06`	`2 bytes`	Stream Flags	`00 04`	Specifies the integrity check type: 00=None, 01=CRC32, 04=CRC64, 0A=SHA-256.
`0x08`	`4 bytes`	Stream Flags CRC32	`varies`	CRC32 checksum of the 2-byte stream flags field for header integrity verification.
`varies`	`variable`	Block Header	`varies`	Per-block header containing block size, filter chain (LZMA2 + optional delta/BCJ), and header CRC32.
`EOF-12`	`12 bytes`	Stream Footer	`CRC32 + backward size + flags + 59 5A`	Contains CRC32, backward size pointing to the index, stream flags copy, and footer magic 59 5A (YZ).

2005LZMA SDK released by Igor Pavlov as part of 7-Zip; LZMA Utils created as a Unix wrapper2009Lasse Collin releases XZ Utils 4.999.8beta, introducing the .xz format as successor to .lzma2010Linux kernel switches source tarballs from bzip2 to xz compression2014XZ Utils 5.2.0 released with multi-threaded compression support2024CVE-2024-3094: supply chain backdoor discovered in xz-utils 5.6.0 and 5.6.1 targeting sshd via liblzma on systemd-based Linux distributions

Compress a file with xz أخرى

xz -k -9 file.tar

-k keeps the original file. -9 uses maximum compression (LZMA2 with 64 MB dictionary). Output is file.tar.xz.

Decompress an .xz file أخرى

xz -dk file.tar.xz

-d decompresses, -k keeps the original. Produces file.tar.

Multi-threaded compression with xz أخرى

xz -T8 -9 -k largefile.sql

-T8 uses 8 threads for parallel compression. Output is fully compatible with single-threaded xz decompression.

Extract a .tar.xz archive أخرى

tar -xf archive.tar.xz

Modern tar auto-detects xz compression. Extracts all files to the current directory.

Inspect xz file metadata أخرى

xz --list --verbose file.xz

Displays stream count, block sizes, compression ratio, integrity check type, and memory requirements.

XZ → GZ transcode lossless Decompress LZMA2 and recompress with gzip for compatibility with older tools or HTTP content-encoding pipelines that only support gzip.

XZ → ZST transcode lossless Zstandard decompresses 5-10x faster than XZ at similar compression ratios. Useful when switching distribution pipelines to zstd for faster end-user extraction.

منخفض

نقاط الضعف

Supply chain attack: CVE-2024-3094 injected a backdoor into xz-utils 5.6.0/5.6.1 build artifacts targeting sshd on systemd-based Linux
Decompression bomb: crafted XZ with high compression ratio can exhaust memory if decompression memory limits are not set

الحماية: FileDex does not decompress, parse, or execute XZ content. Reference page only — no server-side processing.

XZ Utils أداة

Reference implementation by Lasse Collin, includes xz, unxz, xzcat, and liblzma

7-Zip أداة

Free archiver with full LZMA/LZMA2/XZ support across platforms

pixz أداة

Parallel indexed xz compressor with random-access block index

Python lzma module مكتبة

Standard library module for reading and writing .xz and .lzma files

XZ for Java مكتبة

Pure Java implementation of XZ decompression from the Tukaani Project