Re: [aur-general] The AUR package "svp" is suspicious

2019-06-29 Thread Eli Schwartz via aur-general
On 6/29/19 5:18 PM, Hirela via aur-general wrote: > TL;DR: The AUR package "svp" (https://aur.archlinux.org/packages/svp/) might > be injecting suspicious binary patches. > > Here are the relevant lines from the PKGBUILD version 4.3.0.165: > >     pkgver=4.3.0.165 >     >

Re: [aur-general] The AUR package "svp" is suspicious

2019-06-29 Thread Santiago Torres-Arias via aur-general
> Hi Hirela, > > Thanks for bringing this up. I compared both versions of the tarball > (see diffoscope output attached) Sigh, it appears it got scraped, here: https://paste.xinu.at/rTa Cheers, -Santiago. signature.asc Description: PGP signature

Re: [aur-general] The AUR package "svp" is suspicious

2019-06-29 Thread Santiago Torres-Arias via aur-general
On Sat, Jun 29, 2019 at 09:18:37PM +, Hirela via aur-general wrote: > TL;DR: The AUR package "svp" (https://aur.archlinux.org/packages/svp/) might > be injecting suspicious binary patches. > > Here are the relevant lines from the PKGBUILD version 4.3.0.165: > >     pkgver=4.3.0.165 >     >

[aur-general] The AUR package "svp" is suspicious

2019-06-29 Thread Hirela via aur-general
TL;DR: The AUR package "svp" (https://aur.archlinux.org/packages/svp/) might be injecting suspicious binary patches. Here are the relevant lines from the PKGBUILD version 4.3.0.165:     pkgver=4.3.0.165    

Re: [aur-general] SPAM report, AUR comment

2019-06-29 Thread Michael Kogan
More spam: https://aur.archlinux.org/account/arun6/comments