[Pdx-pm] PHP wiki down
Keith Lofstrom
keithl at kl-ic.com
Sun Mar 27 10:25:29 PDT 2011
> php.net security notice
> [19-Mar-2011]
>
> The wiki.php.net box was compromised and the attackers were
> able to collect wiki account credentials. No other machines
> in the php.net infrastructure appear to have been affected.
> Our biggest concern is, of course, the integrity of our source
> code. We did an extensive code audit and looked at every commit
> since 5.3.5 to make sure that no stolen accounts were used to
> inject anything malicious. Nothing was found. The compromised
> machine has been wiped and we are forcing a password change
> for all svn accounts.
>
> We are still investigating the details of the attack which
> combined a vulnerability in the Wiki software with a Linux
> root exploit.
I assume the PHP wiki software was written in PHP, the public
bathhouse orgy of programming languages. But then so is
mediawiki. Yikes!
www.libgd.org is down, too. Libgd, which is used by many
tools (GD.pm, gnuplot, inkscape), is apparently hosted on
the same server. So that makes it vaguely relevant here,
beyond the delicious opportunity for cruel and immature
laughter at the misfortunes of the competition.
Keith
--
Keith Lofstrom keithl at keithl.com Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
More information about the Pdx-pm-list
mailing list