Some_Emo_Chick@lemmy.world to Technology@lemmy.worldEnglish · 3 days agoArch Linux's AUR Sees More Than 400 Packages Compromised With Malwarewww.phoronix.comexternal-linkmessage-square26linkfedilinkarrow-up1143arrow-down11
arrow-up1142arrow-down1external-linkArch Linux's AUR Sees More Than 400 Packages Compromised With Malwarewww.phoronix.comSome_Emo_Chick@lemmy.world to Technology@lemmy.worldEnglish · 3 days agomessage-square26linkfedilink
minus-squarerozodru@piefed.worldlinkfedilinkEnglisharrow-up25·2 days agoI think it was essentially orphaned stuff that got “picked up” by a “new maintainer” and that’s how it happened.
minus-squarenorthernlights@fedia.iolinkfedilinkarrow-up3·2 days agooh I saw “clang” in the list of packages and got worried
minus-squareTelorand@reddthat.comlinkfedilinkEnglisharrow-up2·2 days agoYou’re only affected if you use the AUR. As far as I understand it, the core packages themselves are fine, so this is more of a MitM attack, where somebody compromised the package download streams
I think it was essentially orphaned stuff that got “picked up” by a “new maintainer” and that’s how it happened.
oh I saw “clang” in the list of packages and got worried
You’re only affected if you use the AUR. As far as I understand it, the core packages themselves are fine, so this is more of a MitM attack, where somebody compromised the package download streams