The tl;dr is a botnet filed a whole lot of orphan requests on old/obscure/barely-used packages, pushing a malicious piece of code into the package building/install process. Caught by people paying attention.
CMDR Jack L. Frost
The Arch Linux AUR had over 400 packages compromised with malware
#Linux #ArchLinux #Security
Looks like the Arch Linux AUR (Arch User Repository) needs some better security and package checks - as some malicious users compromised a lot of packages.
