
Unreal IRC server sources on the official mirror contained a backdoor

Some copies of Unreal3.2.8.1.tar.gz on the official mirrors contained a backdoor that allows execution of arbitrary commands with the privileges of the user that ircd runs as.
The developers promise to do everything they can so that this does not happen again, and recommend that users not take PGP/GPG signatures lightly.

Versions not subject to the problem


Windows binaries - not changed

CVS is not infected

3.2.8 and earlier versions - not dangerous
Unreal3.2.8.1.tar.gz files downloaded before November 10, 2009 are also safe.

How do I check whether I am affected?



The first way is to check the MD5 of Unreal3.2.8.1.tar.gz with the command md5sum Unreal3.2.8.1.tar.gz
Possible results:
Backdoored version: 752e46f2d873c1679fa99de3f52a274d
Official version: 7b741e94e867c0a7370553fd01506c66


You can also check by running the command
grep DEBUG3_DOLOG_SYSTEM include/struct.h
in the Unreal3.2 directory. If the output consists of two lines, the version is backdoored. If there is no output, all is well.
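
The two checks above combined into one script, as an added example that is not part of the original article or of the UnrealIRCd advisory: it hashes the tarball, compares the result with the two MD5 values quoted above, and looks for the DEBUG3_DOLOG_SYSTEM marker in include/struct.h. The function names and the pass policy (only the official hash together with a clean tree passes) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the project's own tooling.
# MD5 values are the two quoted in the article for Unreal3.2.8.1.tar.gz.
BAD_MD5=752e46f2d873c1679fa99de3f52a274d    # backdoored tarball
GOOD_MD5=7b741e94e867c0a7370553fd01506c66   # official tarball

# classify_md5 HASH -> prints official | backdoored | unknown
classify_md5() {
    h=$(printf '%s' "$1" | tr 'A-F' 'a-f')   # accept upper-case hex too
    case "$h" in
        "$GOOD_MD5") echo official ;;
        "$BAD_MD5")  echo backdoored ;;
        *)           echo unknown ;;         # neither hash: treat as unverified
    esac
}

# check_tarball FILE -> hashes FILE with md5sum and classifies the result
check_tarball() {
    [ -r "$1" ] || { echo missing; return 2; }
    classify_md5 "$(md5sum "$1" | cut -d' ' -f1)"
}

# check_tree DIR -> prints backdoored | clean | missing
# DIR is the Unreal3.2 source directory. The article says a backdoored tree
# prints two lines; this example treats any match as a hit.
check_tree() {
    f="$1/include/struct.h"
    [ -r "$f" ] || { echo missing; return 2; }
    if grep -q DEBUG3_DOLOG_SYSTEM "$f"; then echo backdoored; else echo clean; fi
}

# audit TARBALL SRCDIR -> exit status 0 only for official tarball + clean tree
audit() {
    t=$(check_tarball "$1") || true
    s=$(check_tree "$2") || true
    echo "tarball:     $t"
    echo "source tree: $s"
    [ "$t" = official ] && [ "$s" = clean ]
}

# Usage: sh check_unreal.sh Unreal3.2.8.1.tar.gz /path/to/Unreal3.2
if [ "$#" -eq 2 ]; then audit "$1" "$2"; fi
```

A result of unknown or missing fails the audit on purpose: a tarball that matches neither hash has not been verified.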

What to do if your server is infected


First, make sure once again that it is really infected, using the methods described above.

Solution:
1. Download the source from www.unrealircd.com
2. Check the MD5 sums. (The "correct" hashes are given below.)
3. Rebuild and restart UnrealIRCd.

Correct MD5 hashes for the release


7b741e94e867c0a7370553fd01506c66 Unreal3.2.8.1.tar.gz
5a6941385cd04f19d9f4241e5c912d18 Unreal3.2.8.1.exe
a54eafa6861b6219f4f28451450cdbd3 Unreal3.2.8.1-SSL.exe


Conclusion


Here the team apologizes to everyone for the inconvenience.
And here is the official advisory
Shit happens

Source: https://habr.com/ru/post/96357/

