[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warnin
From:       Richard Yao <ryao () gentoo ! org>
Date:       2018-06-29 0:58:21
Message-ID: B2CF19A4-A791-4CA4-9F59-0E28F80244D2 () gentoo ! org
[Download RAW message or body]



> On Jun 28, 2018, at 8:46 PM, Richard Yao <ryao@gentoo.org> wrote:
> 
> 
>> On Jun 28, 2018, at 5:15 PM, Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org> wrote:
>> 
>> Hi!
>> 
>> I just want to notify that an attacker has taken control of the Gentoo
>> organization in Github and has among other things replaced the portage
>> and musl-dev trees with malicious versions of the ebuilds intended to
>> try removing all of your files.
>> 
>> Whilst the malicious code shouldn't work as is and GitHub has now
>> removed the organization, please don't use any ebuild from the GitHub
>> mirror ontained before 28/06/2018, 18:00 GMT  until new warning.
> Is the attacker using the account "gentoogang"?

Nevermind. After reading other mailing list threads, it is clear to me that he was the attacker. :/
>> 
>> Sincerely,
>> Francisco Blas Izquierdo Riera (klondike)
>> Gentoo developer.
>> 
>> 
> 
> 


[prev in list] [next in list] [prev in thread] [next in thread]