Russian Spam & Profanities Are Now Plaguing The Arch Linux AUR
([Arch Linux] 5 Hours Ago
Arch Linux AUR)
- Reference: 0001640866
- News link: https://www.phoronix.com/news/Arch-Linux-AUR-Russian-Spam
- Source link:
After days of dealing with [1]1,500+ packages in the Arch Linux AUR containing malware , the latest headache in the Arch Linux User Repository is Russian spam and offensive messages.
Nicolas Boichat with his AI/LLM detection bot [2]detected some questionable messages appearing in AUR content. Russian messages were being added post-install to the bashrc / zshrc / Fish configuration, etc containing offensive messaging. Those commits happened on the 14th, after the recent malware fiasco.
[3]
And then over the past day reporting on dozens of AUR packages having similar Russian messages containing offensive language.
[4]
The latest [5]update on that thread indicates more than 70 AUR packages having this Russian spam / offensive messaging. Among those various Python packages, Ruby packages, Llama.cpp, and others.
At least the AI/LLM bots are proving helpful here in proactively picking up on some of the AUR abuses until the fundamental situation can be better handled.
[1] https://www.phoronix.com/news/Arch-Linux-AUR-More-Than-1500
[2] https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/message/GJURAWWOV453HZDBESQT3L26J2572VDV/
[3] https://www.phoronix.com/image-viewer.php?id=2026&image=aur_spam_1_lrg
[4] https://www.phoronix.com/image-viewer.php?id=2026&image=aur_spam_2_lrg
[5] https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/message/2YQSHTC27MOKDDKHZTH2BJGTEN2CYC7W/
Nicolas Boichat with his AI/LLM detection bot [2]detected some questionable messages appearing in AUR content. Russian messages were being added post-install to the bashrc / zshrc / Fish configuration, etc containing offensive messaging. Those commits happened on the 14th, after the recent malware fiasco.
[3]
And then over the past day reporting on dozens of AUR packages having similar Russian messages containing offensive language.
[4]
The latest [5]update on that thread indicates more than 70 AUR packages having this Russian spam / offensive messaging. Among those various Python packages, Ruby packages, Llama.cpp, and others.
At least the AI/LLM bots are proving helpful here in proactively picking up on some of the AUR abuses until the fundamental situation can be better handled.
[1] https://www.phoronix.com/news/Arch-Linux-AUR-More-Than-1500
[2] https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/message/GJURAWWOV453HZDBESQT3L26J2572VDV/
[3] https://www.phoronix.com/image-viewer.php?id=2026&image=aur_spam_1_lrg
[4] https://www.phoronix.com/image-viewer.php?id=2026&image=aur_spam_2_lrg
[5] https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/message/2YQSHTC27MOKDDKHZTH2BJGTEN2CYC7W/