diff options
-rw-r--r-- | _posts/2018-06-28-Github-gentoo-org-hacked.md | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/_posts/2018-06-28-Github-gentoo-org-hacked.md b/_posts/2018-06-28-Github-gentoo-org-hacked.md new file mode 100644 index 0000000..46e9162 --- /dev/null +++ b/_posts/2018-06-28-Github-gentoo-org-hacked.md @@ -0,0 +1,16 @@ +--- +title: 'Github Gentoo organization hacked' +--- + +Today 28 June at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of +repositories as well as pages there. We are still working to determine the exact extent and to regain control of the organization and its +repositories. All Gentoo code hosted on github should for the moment be considered compromised. + +This does NOT affect any code hosted on the Gentoo infrastructure. Since the master Gentoo ebuild repository is hosted on our own infrastructure and +since Github is only a mirror for it, you are fine as long as you are using rsync or webrsync from gentoo.org. + +Also, the gentoo-mirror repositories including metadata are hosted under a separate Github organization and likely not affected as well. + +All Gentoo commits are signed, and you should verify the integrity of the signatures when using git. + +More updates will follow. |