Developers are advised to purge these malicious packages
David Lowry-Duda
david at lowryduda.com
Sat Dec 7 13:20:20 EST 2019
On Wed, Dec 04, 2019 at 07:17:58PM +0100, Christian Heimes wrote:
>
> At least the first pages are packaging files for Debian, Fedora, and
> other Linux distributions. Downstream distributions provide a Python
>
> <snip>
>
> Attackers abuse the fact and try to typo-squat packages in hope that
> somebody uses the Linux distribution package name "python3-dateutil"
> instead of the upstream name "python-dateutil" in requirements.txt
Yes, I understand. Thank you.
- DLD
More information about the Python-list
mailing list