Automatic Updates in OpenSuse compromised ?

J0EE0J · February 27, 2015, 9:29am

*4Admin: Could’nt find a better category ! Feel free to move it somewhere else, if you have a better idea. Thx

Hi all,

the last 4 days I had everyday updates of my OpenSuse 13.1 system. This alone could be interpreted that there are several hardworking guys making the system better. But I also detected that always there were 4-5 updates for the virtualbox, every day, always the same files !
This is now a bit strange, isn’t it ?

Now I ask myself whether:

my OS 13.1 has a problem with the automatic updates (have done a zypper update --all yesterday, but got again an update today) Has my PC been hacked ?
the OpenSuse update has been hacked and the bad guys (private, commercial or government) misuse my computer for whatever rascalities they have in mind ?
there is really such an amount of developers working on the virtualbox that a daily update is possible ? ( I studied IT - have doubts to believe that.)
the virtualbox developers have detected a severe bug int the new code in the first update of this sequence and have to repair the bug results on user machines before they can finally activate the corrected update ?
the OpenSuse update System has a bug and is updating certain files again and again ?

Has anyone further information ? Do I have to fear that my system has been hacked or the OpenSuse’s update is compromised ?

Yes I know that NSA & GHCQ most probably are already somewhere in my processor, harddisk and bios. But those bastards had their code already in those components when I bought my PC. They don’t need to use such indirect complicated ways.

TIA, Joe

1Antoine1 · February 27, 2015, 9:35am

Hello Joe,

Please give us your repo list.

zypper lr -u

Typically, the behaviour you described happens when there are duplicates in it.

If I’m right, you can clean the mess (after you removed duplicates) with a:

sudo zypper cc -a

Of course, it could be something else that I’m not aware of.

Miuku · February 27, 2015, 9:42am

Then you should know that you gave absolutely no information to us to go on.

What you should have included was;

Your repositories
What files were updated
Zypper and/or rpm listing of your Virtualbox files and rpm -qa --last for the last 4 days.

wolfi323 · February 27, 2015, 11:22am

I saw the same here with the additional Virtualization repo.

The virtualbox package has been automatically rebuilt a few times in the last days. Nothing to worry about.

In any case, those are not official updates (and as I said, this have mainly been automatic rebuilds by the build system, no changes to the package whatsoever). If you are annoyed/worried by this, don’t use additional repos and install virtualbox from the standard repo, and stick to the official updates.

J0EE0J · February 28, 2015, 7:48pm

Thx for your replies .

In fact there were today no further virtual box updates, so I assume that Wolfi323’s response makes sense.

Thx again and enjoy your weekend, Joe

hendersj · March 3, 2015, 5:08am

On Sat, 28 Feb 2015 18:56:01 +0000, J0Eeoj wrote:

> Thx for your replies .
>
> In fact there were today no further virtual box updates, so I assume
> that Wolfi323’s response makes sense.
>
> Thx again and enjoy your weekend, Joe

For future reference, rather than jumping to the conclusion that your
system/a critical infrastructure system has been hacked, start with “I’m
seeing this, what could be causing it?” and go from there. Provide facts
about your system rather than conjecture.

Making guesses about what’s going on is generally not productive when
troubleshooting with limited information.

See http://www.catb.org/esr/faqs/smart-questions.html for some good
strategies for asking for help.

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C