Linked by Jordan Spencer Cunningham on Mon 14th Jun 2010 23:58 UTC
Bugs & Viruses Recently, the Linux version of UnrealIRCd was discovered to have had a Trojan worm its way into the source code. Even more embarrassing for the developers of Unreal is that the Trojan's been holding open the backdoor in the source code since November of 2009-- not very recently. And, of course, bloggers and press in general are taking the opportunity of another breach in Linux security to point out doomsday devices that don't really exist.
Thread beginning with comment 430337
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:

Very disappointing indeed. One should never trust an unsigned binary package.

FFMpeg has just released a new version that includes WebM.

So, as an independent open source project, as FFMpeg are, if you want to distribute packages to all & sundry, here is an example of how to do it:
Note that these releases are intended for distributors and system integrators. ...
FFmpeg 0.6 "Works with HTML5"

0.6 appeared on 2010-06-15. The release branch was cut on 2010-05-04.

Download bzip2 tarball MD5 SHA1 PGP signature
Download gzip tarball MD5 SHA1 PGP signature

Checksums and PGP signatures. Elementary. This is the most basic, fundamental security principle to prevent trojans.

Edited 2010-06-16 14:03 UTC

Reply Parent Score: 2

jabbotts Member since:

Webmin also does a good job of maintaining there own Debian repository. I've also worked against a few repositories from trusted third parties in the past when going through the option list of network monitoring apps though in the end I returned to using Munin. A VMware repository would also be welcome if they could manage to fix VMware Server 2's issues on Debian Stable.

Reply Parent Score: 2