400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealers
Link: cybersecuritynews.com
Posted by rafssunny@lemmy.zip to Technology@lemmy.world · English · 11 days ago · 8 comments

Holytimes@sh.itjust.works · 11 days ago
How many AUR packages do you have? Most people I know have like AT MOST 20 or so packages from the AUR. Which takes less than 2 mins to manually check against the list.

Tetsuo@jlai.lu · 11 days ago
I’m not home for a few days so I can’t check yet.
But I think I have something like 3/4 packages at the most.
But I need to compare that to a 400+ list; I’m not sure I agree with you that it’s that easy to do rigorously.

hoppolito@mander.xyz · 11 days ago
Not sure I understand - if you only have 3-4 packages you can just search for them specifically in the long list?
Even if you have 50 or 100s of packages, bash makes it pretty doable

```
comm -12 <(sort -u file1.txt) <(sort -u file2.txt) > common.txt
```

Should spit out only the packages appearing in both lists (done by memory so may not be 100%)
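
A more forgiving version of the comparison suggested in the comment above, as an added example that is not part of the original thread: it normalises both lists (CRLF line endings, trailing spaces, version columns) before intersecting them, because `comm` only matches byte-identical lines. The file names and sample package names are constructed; on an Arch system the installed list would come from `pacman -Qm`, which lists foreign packages.

```sh
#!/bin/sh
# Added example: intersect a published list of affected package names with
# the foreign (AUR) packages installed locally. File names are assumptions.

# Reduce a list to one clean package name per line, sorted for comm(1):
# strips CR line endings, "#" comments, blank lines, and any version column.
normalize_list() {
    tr -d '\r' < "$1" | sed 's/#.*//' | awk 'NF { print $1 }' | LC_ALL=C sort -u
}

# $1 = list of compromised names, $2 = installed list (e.g. `pacman -Qm` output)
# Prints names present in both; prints nothing when there is no overlap.
affected_packages() {
    bad=$(mktemp) && mine=$(mktemp) || return 2
    normalize_list "$1" > "$bad"
    normalize_list "$2" > "$mine"
    LC_ALL=C comm -12 "$bad" "$mine"
    rm -f "$bad" "$mine"
}

# Constructed sample data (not real package names from the incident).
demo() {
    dir=$(mktemp -d) || return 2
    printf 'example-pkg-bin\r\nsample-tool-git  \r\n# note line\r\nother-thing\r\n' \
        > "$dir/compromised.txt"
    printf 'sample-tool-git r42-1\nmy-own-build 1.0-1\nexample-pkg-bin 2.3-1\n' \
        > "$dir/installed.txt"
    affected_packages "$dir/compromised.txt" "$dir/installed.txt"
    rm -rf "$dir"
}

demo
```

An empty result means none of the installed foreign packages appear by name in the list that was supplied; it says nothing about packages installed and later removed.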

0x0@infosec.pub · 11 days ago
Do you have anything that will wipe their butt too?