SDF Chatter
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
cm0002@europe.pub to Arch Linux@programming.devEnglish · 3 days ago

Arch Linux Now Believes Malware Incident Under Control: More Than 1,500 Affected Packages

www.phoronix.com

external-link
message-square
10
link
fedilink
  • cross-posted to:
  • linux@programming.dev
38
external-link

Arch Linux Now Believes Malware Incident Under Control: More Than 1,500 Affected Packages

www.phoronix.com

cm0002@europe.pub to Arch Linux@programming.devEnglish · 3 days ago
message-square
10
link
fedilink
  • cross-posted to:
  • linux@programming.dev
alert-triangle
You must log in or register to comment.
  • BCsven@lemmy.ca
    link
    fedilink
    English
    arrow-up
    33    ·
    3 days ago

    I use Malware BTW

    • Maiq@piefed.social
      link
      fedilink
      English
      arrow-up
      9      ·
      3 days ago

      Out of 12 installed AUR packages, I had 0 effected.

      • kamenlady@lemmy.world
        link
        fedilink
        English
        arrow-up
        6        ·
        3 days ago

        Maybe they forgot to include the Effects™ Library?

        • Maiq@piefed.social
          link
          fedilink
          English
          arrow-up
          2          ·
          3 days ago

          Doh! Not gonna change it.

    • [deleted]@piefed.world
      link
      fedilink
      English
      arrow-up
      5      ·
      3 days ago

      Best laugh today!

  • fistac0rpse@fedia.io
    link
    fedilink
    arrow-up
    8    ·
    3 days ago

    radarr, sonarr and jellyfin client are all safe, phew

  • Infernal_pizza@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    2    ·
    2 days ago

    Is this newly submitted packages which are malware, or existing packages which had malware introduced to them? And is there a list of affected packages anywhere?

    • fistac0rpse@fedia.io
      link
      fedilink
      arrow-up
      4      ·
      2 days ago

      They’re existing packages that were abandoned by the original authors and then had ownership claimed by malicious parties

    • diverging@piefed.social
      link
      fedilink
      English
      arrow-up
      6      ·
      2 days ago

      It looks like they were existing packages.

      List here: https://cscs.pastes.sh/raw/aurvulnlist20260611.txt

      Got that from: https://discuss.cachyos.org/t/aur-compromised-1500-packages-affected-20260611/31040
      They have a script that can check if you have any of them.

      • Infernal_pizza@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        3        ·
        2 days ago

        Thanks, looks like I’m ok

Arch Linux@programming.dev

arch@programming.dev

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !arch@programming.dev

Discussion community about the Arch Linux distro.

Wiki : https://wiki.archlinux.org/

Site : https://archlinux.org/

Packages : https://archlinux.org/packages/

GitLab : https://gitlab.archlinux.org/archlinux

Downloads : https://archlinux.org/download/

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 4 users / day
  • 95 users / week
  • 99 users / month
  • 102 users / 6 months
  • 2 local subscribers
  • 288 subscribers
  • 23 Posts
  • 35 Comments
  • Modlog
  • mods:
  • recursive_recursion they/them@lemmy.ca
  • BE: 0.19.11
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org