Developers are advised to purge these malicious packages
On Wed, Dec 04, 2019 at 07:17:58PM +0100, Christian Heimes wrote:
> At least the first pages are packaging files for Debian, Fedora, and
> other Linux distributions. Downstream distributions provide a Python
> Attackers abuse the fact and try to typo-squat packages in hope that
> somebody uses the Linux distribution package name "python3-dateutil"
> instead of the upstream name "python-dateutil" in requirements.txt
Yes, I understand. Thank you.