jstkdng / ueberzugpp

Drop in replacement for ueberzug written in C++
GNU General Public License v3.0
804 stars 29 forks

Tor relay embedded in debian package? #233

Open dkragen opened 1 week ago

dkragen commented 1 week ago

I downloaded ueberzugpp .deb and was about to install it, when I thought twice, given xz and other issues cropping up in unverified, undervetted software. So I uploaded the .deb to VirusTotal to check. This is what showed up:

[Image: Ueberzuggpp_with_tor_relay]

It's interesting that the IDS showed a Tor relay and the behavior testing revealed two IP addresses. The latter I checked as well. One is a Hetzner instance with an ownership-free certificate. The other is a Swedish site, again without a valid cert.

Can any of you explain this?

jstkdng commented 1 week ago

What does that mean? That it has IPs somewhere in the file?

Alright, I understand. That is really weird. Right now ueberzugpp doesn't connect to the internet in any way; we don't even have an HTTP client. Does VirusTotal just randomly execute any binaries? Perhaps something at the OBS side has been compromised... but that'd be a reach.

Can you post that VirusTotal result and the .deb file?