diff options
author | Andreas K. Hüttel <dilfridge@gentoo.org> | 2018-06-28 23:09:47 +0200 |
---|---|---|
committer | Andreas K. Hüttel <dilfridge@gentoo.org> | 2018-06-28 23:09:47 +0200 |
commit | 571c4224d260f02d62f8549e578285f31ba10bff (patch) | |
tree | 2dbe4919b01792293dc2de2c866c90908fb225ce | |
parent | downloads/signatures/index.html: Update releng DSA key expiration (diff) | |
download | www-571c4224d260f02d62f8549e578285f31ba10bff.tar.gz www-571c4224d260f02d62f8549e578285f31ba10bff.tar.bz2 www-571c4224d260f02d62f8549e578285f31ba10bff.zip |
Add message about hacked github repo
-rw-r--r-- | _posts/2018-06-28-Github-gentoo-org-hacked.md | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/_posts/2018-06-28-Github-gentoo-org-hacked.md b/_posts/2018-06-28-Github-gentoo-org-hacked.md new file mode 100644 index 0000000..46e9162 --- /dev/null +++ b/_posts/2018-06-28-Github-gentoo-org-hacked.md @@ -0,0 +1,16 @@ +--- +title: 'Github Gentoo organization hacked' +--- + +Today 28 June at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of +repositories as well as pages there. We are still working to determine the exact extent and to regain control of the organization and its +repositories. All Gentoo code hosted on github should for the moment be considered compromised. + +This does NOT affect any code hosted on the Gentoo infrastructure. Since the master Gentoo ebuild repository is hosted on our own infrastructure and +since Github is only a mirror for it, you are fine as long as you are using rsync or webrsync from gentoo.org. + +Also, the gentoo-mirror repositories including metadata are hosted under a separate Github organization and likely not affected as well. + +All Gentoo commits are signed, and you should verify the integrity of the signatures when using git. + +More updates will follow. |