Date: Wed, 13 Aug 2003 23:04:50 +0100 From: Matt Heath <matt@thebigchoice.com> To: FreeBSD Questions Mailing List <freebsd-questions@freebsd.org> Subject: Re: ftp.gnu.org got cracked... how does this affect FreeBSD? Message-ID: <3F3AB602.7020704@thebigchoice.com> In-Reply-To: <20030813205810.GA55550@rot13.obsecurity.org> References: <1060807840.561.8.camel@klotz.local> <20030813205810.GA55550@rot13.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > >So far there's no evidence that any distfiles were compromised. For >files in the ports collection, they would have been caught by the md5 >checksum. > > I wouldn't be so sure, the guy was harvesting passwords. Although I don't know the details of the commit procedure he would surely be able to fiddle with any commits which are, by definition, going to have different checksums. but I'm guessing. In the face of no facts it is the only choice I have.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F3AB602.7020704>