On Mon, Mar 06, 2006 at 10:53:32PM +0000, Jason Savora wrote: > Our development machine sources list was: > > deb http://security.debian.org/ stable/updates main > deb ftp://debian.fastweb.it/debian/ testing main contrib non-free > deb-src ftp://debian.fastweb.it/debian/ testing main > deb http://http.us.debian.org/debian stable main contrib non-free > deb http://non-us.debian.org/debian-non-US stable/non-US main contrib non-free > deb http://ftp.digex.net/debian/ stable main non-free contrib > deb http://irssi.qvr.info/debian/ sarge/ > deb http://irssi.qvr.info/debian/ sid/ > deb http://localhost/backup/db testing main Unfortunately that's not very useful. Please supply the package name, version and the output of "apt-cache policy <pkgname>". That should list where the trojaned package came from (presuming no changes to sources.list, etc., etc.). Once you've established where it came from you can trace the provenance of the package (likely a path from the "original" package source through mirrors, etc.) Thanks
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/