os
os copied to clipboard
wolfi-dev
wolfictl/0.24.3 package update
![octo-sts[bot] avatar](https://avatars.githubusercontent.com/in/801323?v=4 "Published by a pub.dev verified publisher"){kind=small}
Package wolfictl: Click to expand/collapse
Package wolfictl:
.PKGINFO metadata:
(
"""
# Generated by melange
pkgname = wolfictl
- pkgver = 0.24.2-r0
+ pkgver = 0.24.3-r0
arch = x86_64
- size = 129367521
+ size = 129489146
origin = wolfictl
pkgdesc = Helper CLI for managing Wolfi
url =
- commit = 2d470831e84bbd1b378dd076b7b4dd4e10bc7a4a
- builddate = 1728341150
+ commit = 77880134ae536f5132551e609edec5c8444bac5a
+ builddate = 1728841832
license = Apache-2.0
depend = so:ld-linux-x86-64.so.2
depend = so:libc.so.6
- provides = cmd:wolfictl=0.24.2-r0
- datahash = d5ba5fd4976847f2ecc54399e1b1f822d9c5563d52ccc8e331598a49b9fb1b89
+ provides = cmd:wolfictl=0.24.3-r0
+ datahash = 444f07a15eded7831efb1e51904120479864effbf37d0b1ce61681354359d7b7
"""
)
Modified: /usr/bin/wolfictl
malcontent found differences: Click to expand/collapse
Changed: /tmp/wolfictl-apk-1078982797/wolfictl/usr/bin/wolfictl
1 new behaviors
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | net/bpf | BPF (Berkeley Packet Filter) | bpf |
Moved: wolfictl/var/lib/db/sbom/wolfictl-0.24.2-r0.spdx.json -> /tmp/wolfictl-apk-1078982797/wolfictl/var/lib/db/sbom/wolfictl-0.24.3-r0.spdx.json (similarity: 0.99)
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
malcontent detected files with a risk score equal or higher than 'CRITICAL': Click to expand/collapse
/tmp/malcontent512997006/packages/x86_64/wolfictl-0.24.3-r0.apk/usr/bin/wolfictl [🚨 CRITICAL]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| HIGH | admin/pip_install | Installs software using pip from python | pip installb3312fa7e23ee7e4988e056be3f82d19 |
| CRITICAL | combo/dropper/shell | change dir, fetch file via tor, make it executable, and run it | ./a ./b ./configure --prefix ./configure command. ./configure.ac ./dist/ ./etc/apk/repositoriesfailed to find ./g ./j ./kiedwih ./lzz ./n ./ocqhr ./package.json ./packages ./pipe/docker ./pmyh ./pombump-deps.yaml ./pombump-properties.yaml ./sx ./uw ./x ./ybmumru ./yzldrbh .onion cd $ chmod curl License |
| HIGH | combo/stealer/browser | Makes references to multiple browser credentials | .config Cookies Firefox Opera User Data |
| HIGH | ref/path/hidden | hidden path in a system directory | docpurl3.22lib/bin/.so. |