Search Criteria
Package Details: freedownloadmanager 6.25.2.6046-2
Package Actions
| Git Clone URL: | https://aur.archlinux.org/freedownloadmanager.git (read-only, click to copy) |
|---|---|
| Package Base: | freedownloadmanager |
| Description: | FDM is a powerful modern download accelerator and organizer. |
| Upstream URL: | https://www.freedownloadmanager.org/ |
| Keywords: | fdm freedownloadmanager |
| Licenses: | Freeware |
| Submitter: | rizwan486 |
| Maintainer: | rizwan486 |
| Last Packager: | rizwan486 |
| Votes: | 37 |
| Popularity: | 0.81 |
| First Submitted: | 2020-01-21 11:41 (UTC) |
| Last Updated: | 2025-02-07 17:16 (UTC) |
Dependencies (5)
- ffmpeg (ffmpeg-nvcodec-11-1-gitAUR, ffmpeg-cudaAUR, ffmpeg-decklinkAUR, ffmpeg-amd-fullAUR, ffmpeg-ffplayoutAUR, ffmpeg-gitAUR, ffmpeg-amd-full-gitAUR, ffmpeg-fullAUR, ffmpeg-full-gitAUR, ffmpeg-libfdk_aacAUR, ffmpeg-headlessAUR, ffmpeg-obsAUR)
- gst-plugins-base (gst-plugins-base-gitAUR)
- libtorrent (libtorrent-gitAUR, libtorrent-ps-chAUR, libtorrent-psAUR, libtorrent-ipv6AUR)
- openssl (openssl-gitAUR, openssl-staticAUR)
- xdg-utils (busking-gitAUR, xdg-utils-slockAUR, mimiAUR, mimi-gitAUR, xdg-utils-handlrAUR, openerAUR, xdg-utils-mimeoAUR, mimejs-gitAUR)
Latest Comments
« First ‹ Previous 1 2 3 4 5 6 7 8 .. 10 Next › Last »
doctorzeus commented on 2023-09-14 10:37 (UTC) (edited on 2023-09-14 10:54 (UTC) by doctorzeus)
@Shamshiel Thanks for those
Cloned the git repo and ran:
$ for commit in $(git log --format=%H); do git checkout $commit -- PKGBUILD; cat PKGBUILD | grep sum; done
Unless there was a checksum from an old update from the malicious package seems luckily the checksum is fineL
dca98d8641043b35b9aa22ba7b864f23dc1b4dd0361055941f96752bc91d5d6c, a937363c821f5be62e4806fccf75697f66d3761ba6a195ce013b01506d846136, a937363c821f5be62e4806fccf75697f66d3761ba6a195ce013b01506d846136, a937363c821f5be62e4806fccf75697f66d3761ba6a195ce013b01506d846136, 43249ff430b24625d319dcf566fbda37c2bd078201c6aa39357dbe048c04e3e3, 24c0406298d11e1b66b00bbec4d427915a61794ab7b3216c8af6575e20d5356a, 055d8bf0e9a697dd9d5f3a6177c3ec6f2b99769b52b052bf7ce442f4eb0863ad, 055d8bf0e9a697dd9d5f3a6177c3ec6f2b99769b52b052bf7ce442f4eb0863ad, 0cd81531fe3927e61e8c9f5da7b8f95900ada2e71240281280614af19815a92f, 0cd81531fe3927e61e8c9f5da7b8f95900ada2e71240281280614af19815a92f, c15593e28ecc4ae79eda3b1db7509e59e94cff6e214d356296470af69ad6797c, 85ad2f00c72b28519e03a003708ea8bcd58c28293018e15c54bf2e5380a72fb0, ca0ac5a1a8586f51714b31db5b41dee9a0cbf4c23a2dd76b8c39297d2a0f15fb, 964c5ffbd55ca8738772fd89c2a676c099c53c0b446a43126a20b4814d5cdebe4a2bbbfdd6f2af713d21a7cbb47fe6e575f39d307f5b09510ab408679b040b05, 128c4f122537852eac7b1e0091346486, 8db0504e6c1cf7f6a5be87a1909731d4d7b5038ef34aa97015498b0cd4872606, 6142ccd59e3cc955f6264aa3b517cd0df4207ab8e283ad79f2d59720099744df, 46a482f66e9e70d3ae2c93b3543d2bf30976a991fff5e92c525d06a2e8292565, 3889cfc2735e86ad226090fbdfe37d88e47aaa0effc682a46d72b1b093a60352, 3565df5dfe376d3da09c2f540193f25aabbce236e638f630e0dc553f0e53d706, 87ac79b5cfdf1e733225a8ac3bb69025a8f83af85327a4b3c20b368bb93d6a33, 2e8e074d866d795e268ae1e853337517612265446f1e4441c0f555539c451b68, 460c3354d5fda7c07e936da4b282ac1a1a2cd5145207d425572a506cf8bece91, ba90bad2823ac93ba38813ffc8b3e13b2a4c343606ec49d712e0f36d79491e91, 217b7bf3f20ddac9f85fdcac4a638767, 6be2df7ca0ed6a25fd2ce864394afc28, 8d2696f79480eb70770171921c2c4ab5, 8d2696f79480eb70770171921c2c4ab5, 4b2d436de0634f430669773b91c278a6, 78b6f3ab81d39eb06cb7f0cfe8924c66, de72a96c687cde45104bde4136c26496, 68771720738bc9c1a17be51403a7ad18, 68771720738bc9c1a17be51403a7ad18, 0cb37e0092406af6c0c9dc801119df3e, 005d92398605a0b120c25bc569a4fcb9, 07e555ba6a8621ffe38cabbd033597dc, ef1a2ffc8387e57184345f1d0e2396c8, 98f74fd9abc3471b05c4c93e2fd1f78f, 98f74fd9abc3471b05c4c93e2fd1f78f
Shamshiel commented on 2023-09-14 09:48 (UTC) (edited on 2023-09-14 09:49 (UTC) by Shamshiel)
The malicious checksums apparently are the following:
The recent checksum used in this package are:
Don't know if there is an easy way to check the last couple of years (especially 2020-2022) if a malicious checksum was ever in this AUR package.
doctorzeus commented on 2023-09-14 08:34 (UTC)
For anyone here who was having checksum errors and decided to change the checksum anyway to install it (bad idea for future reference, always verify with the package maintainer/owner): I highly recommend you check you haven't now installed the malicious version (as described here: https://www.bleepingcomputer.com/news/security/free-download-manager-site-redirected-linux-users-to-malware-for-years/).
These files are the giveaway apparently: /etc/cron.d/collect /var/tmp/crond /var/tmp/bs
I don't have the checksum for the malicious version but @rizwan486 you might want to check on this one in case this was at any point pushed as part of the pkgbuild..
Shamshiel commented on 2023-09-13 08:08 (UTC)
It seems that FDM has/had some malware problems on Linux. Was/Is this AUR package also impacted by it?
bonob commented on 2023-09-12 23:21 (UTC)
https://securelist.com/backdoored-free-download-manager-linux-malware/110465/
I imagine the sha256sum would have prevented the malicious version to be processed by the PKGBUILD. But certainly the trustworthiness of the source is dubious.
rizwan486 commented on 2023-05-20 19:21 (UTC)
@rainbowbrolly I just upgraded it. Now it will work.
rainbowbrolly commented on 2023-05-20 10:38 (UTC)
had to change sha256sum in the PKGBUILD for the latest package and use makepkg and pacman to install it .
rainbowbrolly commented on 2023-05-20 10:05 (UTC)
I am using manjaro and used yay to install this package but getting this error ERROR: One or more files did not pass the validity check!
I tried deleting the package and repeat the process multiple times but the result is still the same.
Thank you
rizwan486 commented on 2023-04-13 19:26 (UTC)
@BestRazer Thanks for the heads up. I've updated it.
« First ‹ Previous 1 2 3 4 5 6 7 8 .. 10 Next › Last »