| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon Mar 6 23:16:49 2006 From: rudolph at usyd.edu.au (Rudolph Pereira) Subject: dikline suspected to be behind repositoryhacking. On Mon, Mar 06, 2006 at 10:53:32PM +0000, Jason Savora wrote: > Our development machine sources list was: > > deb http://security.debian.org/ stable/updates main > deb ftp://debian.fastweb.it/debian/ testing main contrib non-free > deb-src ftp://debian.fastweb.it/debian/ testing main > deb http://http.us.debian.org/debian stable main contrib non-free > deb http://non-us.debian.org/debian-non-US stable/non-US main contrib non-free > deb http://ftp.digex.net/debian/ stable main non-free contrib > deb http://irssi.qvr.info/debian/ sarge/ > deb http://irssi.qvr.info/debian/ sid/ > deb http://localhost/backup/db testing main Unfortunately that's not very useful. Please supply the package name, version and the output of "apt-cache policy <pkgname>". That should list where the trojaned package came from (presuming no changes to sources.list, etc., etc.). Once you've established where it came from you can trace the provenance of the package (likely a path from the "original" package source through mirrors, etc.) Thanks -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060307/c842a603/attachment.bin
Powered by blists - more mailing lists