hello unfortunately, i was noticed, that irssi (very popular irssi client) ./configure script was backdoored past some months.
sure, here is not directly endangered people whos using binnary precompiled binaries, but here is question about build hosts, where developers compiled mandrake packages (especially cooker's binaries). i don't know any technical information about for example connection, location etc. if it is public known information, sorry for my question, but if it is interested for more passionate cookers, please tell us some words about.. (or add these infos at mandrake-cooker web page). i have a look at all packages "Build Host" description and i'v found these hosts: athena.mandrakesoft.com bi.mandrakesoft.com ke.mandrakesoft.com ken kernel.mandrakesoft.com klama.mandrake.org montreal.mandrakesoft.com no.mandrakesoft.com tox.mandrakesoft.com only tox.mandrakesoft.com has valid dns record, but don't listening :), also srpm irssi-0.8.4-1mdk.src.rpm package seems don't contain "bad" configure script. -- Linux 2.4.18-16mdk Mandrake Linux release 8.3 (Cooker) for i586 8:35pm up 3 days, 9:15, 6 users, load average: 0.05, 0.08, 0.03
msg64729/pgp00000.pgp
Description: PGP signature
