[aur-general] [HEADS-UP] Breaking AUR helpers

Lukas Fleischer archlinux at cryptocrack.de
Sun Jun 24 10:55:39 EDT 2012


I just wanted to let everybody know that I'm about to apply a patch to
our AUR setup that fixes some CSRF vulnerabilities. This will probably
break most (all?) AUR helpers (mis)using the AUR HTML interface. AUR
helpers, that only make use of the RPC interface, won't be affected.

I recommend using the web interface until the affected programs are

More information about the aur-general mailing list