You are not logged in.

Pages: 1

#1 2024-01-09 23:01:55

peyajo
Member
Registered: 2024-01-09
Posts: 1

Expired domain exploit

Expired domain for old pacman mirror will exploit https://bugs.archlinux.org/task/46107 January 16

Offline

#2 2024-01-09 23:23:34

Allan
Pacman
From: Brisbane, AU
Registered: 2007-06-09
Posts: 11,620
Website

Re: Expired domain exploit

Why wait for an expired domain?  Anyone can host an Arch mirror and do what they want to the package database.

PGP Key: F99FFE0FEAE999BD | I develop pacman - buy me a drink!

Offline

#3 2024-01-09 23:44:27

seth
Member
From: Don't DM me only for attention
Registered: 2012-09-03
Posts: 71,689

Re: Expired domain exploit

*What* domain based on *what* information?

If you're gonna shutdown a mirror: https://lists.archlinux.org/hyperkitty/ … linux.org/
If you figured this from some whois database: what makes you think the domain is actually gonna lapse?

Right now this thread is basically FUD.
"Some" domain *may* lapse 16/01 and yes, you can get a broken database from a (however) broken mirror (or a captive portal)

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

Pages: 1

Board footer

Powered by FluxBB