rafssunny@lemmy.zip to Technology@lemmy.worldEnglish · 10 days ago400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealerscybersecuritynews.comexternal-linkmessage-square142linkfedilinkarrow-up1448arrow-down11
arrow-up1447arrow-down1external-link400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealerscybersecuritynews.comrafssunny@lemmy.zip to Technology@lemmy.worldEnglish · 10 days agomessage-square142linkfedilink
minus-squareTetsuo@jlai.lulinkfedilinkEnglisharrow-up1·10 days agoI’m not home for a few days so I can’t check yet. But I think I have something like 3/4 packages at the most. But I need to compare that to a 400+ list I’m not sure I agree with you it’s that easy to do rigorously.
minus-squarehoppolito@mander.xyzlinkfedilinkEnglisharrow-up5·10 days agoNot sure I understand - if you only have 3-4 packages you can just search for them specifically in the long list? Even if you have 50 or 100s of packages, bash makes it pretty doable comm -12 <(sort -u file1.txt) <(sort -u file2.txt) > common.txt Should spit out only the packages appearing in both lists (done by memory so may not be 100%)
minus-square0x0@infosec.publinkfedilinkEnglisharrow-up1arrow-down8·10 days agoDo you have anything that will wipe their butt too?
minus-squareshelf@piefed.sociallinkfedilinkEnglisharrow-up1·9 days agoyou only need to check your 3 or 4 packages to see if they were installed/updated during a certain date range.
minus-squareTetsuo@jlai.lulinkfedilinkEnglisharrow-up1·9 days agoConsidering I haven’t been home since the 6th of June, I assume I probably couldn’t have been infected. But I will still do a thorough check when I get home next week.
I’m not home for a few days so I can’t check yet.
But I think I have something like 3/4 packages at the most.
But I need to compare that to a 400+ list I’m not sure I agree with you it’s that easy to do rigorously.
Not sure I understand - if you only have 3-4 packages you can just search for them specifically in the long list?
Even if you have 50 or 100s of packages, bash makes it pretty doable
comm -12 <(sort -u file1.txt) <(sort -u file2.txt) > common.txtShould spit out only the packages appearing in both lists (done by memory so may not be 100%)
Do you have anything that will wipe their butt too?
you only need to check your 3 or 4 packages to see if they were installed/updated during a certain date range.
Considering I haven’t been home since the 6th of June, I assume I probably couldn’t have been infected. But I will still do a thorough check when I get home next week.