[prev in list] [next in list] [prev in thread] [next in thread]
List: gentoo-dev
Subject: Re: [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warnin
From: Richard Yao <ryao () gentoo ! org>
Date: 2018-06-29 0:58:21
Message-ID: B2CF19A4-A791-4CA4-9F59-0E28F80244D2 () gentoo ! org
[Download RAW message or body]
> On Jun 28, 2018, at 8:46 PM, Richard Yao <ryao@gentoo.org> wrote:
>
>
>> On Jun 28, 2018, at 5:15 PM, Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org> wrote:
>>
>> Hi!
>>
>> I just want to notify that an attacker has taken control of the Gentoo
>> organization in Github and has among other things replaced the portage
>> and musl-dev trees with malicious versions of the ebuilds intended to
>> try removing all of your files.
>>
>> Whilst the malicious code shouldn't work as is and GitHub has now
>> removed the organization, please don't use any ebuild from the GitHub
>> mirror ontained before 28/06/2018, 18:00 GMT until new warning.
> Is the attacker using the account "gentoogang"?
Nevermind. After reading other mailing list threads, it is clear to me that he was the attacker. :/
>>
>> Sincerely,
>> Francisco Blas Izquierdo Riera (klondike)
>> Gentoo developer.
>>
>>
>
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic