Ubuntu
libg15 package

G15 package website url invalid, leads to possible malware install

Bug #1805519 reported by Nikolas Reist on 2018-11-28

This bug report is a duplicate of: Bug #1468526: g15tools.com seems to be not anymore under control be g15tools. Edit Remove

This bug affects 2 people

	Status	Importance	Assigned to
g15composer (Ubuntu)	Confirmed	Undecided	Unassigned
g15daemon (Ubuntu)	Confirmed	Undecided	Unassigned
g15macro (Ubuntu)	Confirmed	Undecided	Unassigned
g15mpd (Ubuntu)	Confirmed	Undecided	Unassigned
g15stats (Ubuntu)	Confirmed	Undecided	Unassigned
libg15 (Ubuntu)	Confirmed	Undecided	Unassigned
libg15render (Ubuntu)	Confirmed	Undecided	Unassigned

Bug Description

The External Resources website listed on https://packages.ubuntu.com for the G15 packages leads to (tested in Chrome) a false extension install popup and what looks like a malicious site.

http://www.g15tools.com/

If the site has moved or changed this should probably be updated.

Thanks,

See original description

Nikolas Reist (zeroability) on 2018-11-28

description:

updated

Nikolas Reist (zeroability) on 2018-11-28

information type:

Public → Private Security

Alex Murray (alexmurray) on 2018-11-28

information type:

Private Security → Public

Revision history for this message

Nikolas Reist (zeroability) wrote on 2018-11-28:

While the status of the bug report from 2015 may be "Invalid" the fact is that https://packages.ubuntu.com still references this website that has obviously been acquired for malicious purposes. People contributing on products that use this as a dependency may look to the package pages for these modules and attempt to access the site. It would helpful to change the website you are posting on your packages site to reflect that of the sourceforge site you referenced. Possible causes were outlined in the question that preceded this bug report along with notifying other potential package repository maintainers (like debian, etc...), both of which were suggested by a member of your staff.

description:

updated

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-11-28:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in g15composer (Ubuntu):
status:	New → Confirmed
Changed in g15daemon (Ubuntu):
status:	New → Confirmed
Changed in g15macro (Ubuntu):
status:	New → Confirmed
Changed in g15mpd (Ubuntu):
status:	New → Confirmed
Changed in g15stats (Ubuntu):
status:	New → Confirmed
Changed in libg15 (Ubuntu):
status:	New → Confirmed
Changed in libg15render (Ubuntu):
status:	New → Confirmed

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1468526 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulibg15 package

G15 package website url invalid, leads to possible malware install

Bug Description

Other bug subscribers

Related questions

Remote bug watches

Ubuntu
libg15 package