On 6/29/19 5:18 PM, Hirela via aur-general wrote:
> TL;DR: The AUR package "svp" (https://aur.archlinux.org/packages/svp/) might
> be injecting suspicious binary patches.
>
> Here are the relevant lines from the PKGBUILD version 4.3.0.165:
>
> pkgver=4.3.0.165
>
>
> Hi Hirela,
>
> Thanks for bringing this up. I compared both versions of the tarball
> (see diffoscope output attached)
Sigh, it appears it got scraped, here:
https://paste.xinu.at/rTa
Cheers,
-Santiago.
signature.asc
Description: PGP signature
On Sat, Jun 29, 2019 at 09:18:37PM +, Hirela via aur-general wrote:
> TL;DR: The AUR package "svp" (https://aur.archlinux.org/packages/svp/) might
> be injecting suspicious binary patches.
>
> Here are the relevant lines from the PKGBUILD version 4.3.0.165:
>
> pkgver=4.3.0.165
>
>
TL;DR: The AUR package "svp" (https://aur.archlinux.org/packages/svp/) might be
injecting suspicious binary patches.
Here are the relevant lines from the PKGBUILD version 4.3.0.165:
pkgver=4.3.0.165
More spam: https://aur.archlinux.org/account/arun6/comments