[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <F50FBEAD7A52B8468B9F3C875916681AEEE661@BXCH2K.bjw2k.asg>
Date: Mon Mar 6 22:43:47 2006
From: tkrpata at bjs.com (Krpata, Tyler)
Subject: dikline suspected to be behind
repositoryhacking.
What apt sources were you using? That's kind of an important part of
this story.
-----Original Message-----
From: Jason Savora [mailto:jsavora@...pace.com]
Sent: Monday, March 06, 2006 5:15 PM
To: full-disclosure@...ts.grok.org.uk
Subject: [Full-disclosure] dikline suspected to be behind
repositoryhacking.
dikline suspected to be behind repository hacking.
Recently we have discovered a severe code modification in the Ruby
programming language downloaded from various debian based non-official
apt-repositories.
Ruby is the interpreted scripting language for quick and easy
object-oriented programming available from ruby-lang . org
Please be advised the official release of ruby from ruby-lang.org is not
hacked.
During normal application development in the ruby language at our firm
our developers actively use Ruby as a language. We are currently
developing a smart system for badge access scanning at door entry points
in our building using HID cards.
In the process of development we have had to downgrade, modify, and
remove many instances of ruby for testing (including non POSIX versions
of Ruby for Win32API development via ruby.exe for windows system's).
Steven Colbert of HID INC. Has been working with us on various projects
for the past year on and off, and we are now working with debian-sarge
and ubuntu linux system's.
During a recent ritual of removal/re-installation of Ruby using debian's
apt-get we discovered a very big flaw in the files installed for Ruby.
A hacked version of ruby is wondering around apt repositories
everywhere.
[clip]
-Justin Savora
Global Interaction Software System's INC.
Office: 310-286-2013
jsavora@...pace.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists