hostile takeover of TCL15 x86_64 repo?

[GNUser]

Today when I tried to sync my mirror of the repo, I noticed that abiword-dev.tcz.tree was taking a long time to download. Turns out the file is multiple GB in size now--up from around 400 KB. I aborted the sync.

Something does not seem right. Please take a look at the repo to make sure someone malicious hasn't altered it.

[Rich]

Hi GNUser

... Turns out the file is multiple GB in size now--up from around 400 KB. ...

There's a circular dependency that needs to be resolved. That's
the cause of the huge file. Only -dev extensions appear to be
affected. Juanito is looking into it.

[GNUser]

Thanks, Rich. Glad to hear it's a known issue and not a security breach.

EDIT: When problem is resolved, would someone kindly make it known (e.g., on this thread)?

[Rich]

Hi GNUser
One of us will update this thread.

[Juanito]

The main problem of a circular dependency between elogind and polkit is fixed, there may be some other, minor, tidying up to do.

[GNUser]

Good to hear. Thanks for the update.

[hiro]

abiword would need elogind or polkit? for what?

[Rich]

Hi hiro
According to the tree file, elogind gets pulled in by dbus as follows:

Code: [Select]

abiword.tcz->goffice.tcz->gtk3.tcz->at-spi2-core.tcz->dbus.tcz->elogind.tcz->acl.tcz->attr.tczFound here:
http://tinycorelinux.net/15.x/x86_64/tcz/abiword.tcz.tree

I don't see polkit showing up in there.