[aur-general] acroread package compromised
Archived: 2026-04-05 19:04:44 UTC
Eli Schwartz eschwartz at archlinux.org
Sun Jul 8 06:02:08 UTC 2018
Previous message (by thread): [aur-general] acroread package compromised
Next message (by thread): [aur-general] acroread package compromised
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 07/08/2018 01:54 AM, Eli Schwartz wrote:
> On 07/08/2018 01:48 AM, Queen Wenceslas via aur-general wrote:
>> Hi all,
>>
>> The acroread AUR package appears to have been compromised: look at
>> https://aur.archlinux.org/cgit/aur.git/commit/?h=acroread&id=
>> b3fec9f2f16703c2dae9e793f75ad6e0d98509bc
>> (and in particular that curl|bash line!). Not exactly sure who to
>> contact, but I assume someone on this list can get things sorted out.
>>
>> Cheers,
>> qwence
>
> Account suspended, commit reverted using Trusted User privileges.
>
> Thanks.
Also fixed two other packages which were maliciously modified the same way.
--
Eli Schwartz
Bug Wrangler and Trusted User
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20180708/f43965cf/attachment-0001
Previous message (by thread): [aur-general] acroread package compromised
https://lists.archlinux.org/pipermail/aur-general/2018-July/034153.html
Page 1 of 2

Next message (by thread): [aur-general] acroread package compromised
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the aur-general mailing list
Source: https://lists.archlinux.org/pipermail/aur-general/2018-July/034153.html
https://lists.archlinux.org/pipermail/aur-general/2018-July/034153.html
Page 2 of 2