Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#19780 - unrealircd 3.2.8.1-2 contains trojan / backdoor.
Attached to Project:
Community Packages
Opened by Alexander Duscheleit (jinks) - Saturday, 12 June 2010, 22:45 GMT
Last edited by Sergej Pupykin (sergej) - Sunday, 13 June 2010, 06:43 GMT
Opened by Alexander Duscheleit (jinks) - Saturday, 12 June 2010, 22:45 GMT
Last edited by Sergej Pupykin (sergej) - Sunday, 13 June 2010, 06:43 GMT
|
DetailsDescription:
The unrealircd version in community (3.2.8.1-2) has been flagged as containing a backdoor which allows an attacker to execute commands with the privileges of the user running the daemon. The md5sum in the PKGBUILD (abs) matches the known-bad md5sum from this announcement: http://sourceforge.net/mailarchive/message.php?msg_name=4C134F7E.202%40vulnscan.org . |
This task depends upon