[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss-gnuradio] Website security breach (gnuradio.org)
From: |
Andrej Rode |
Subject: |
[Discuss-gnuradio] Website security breach (gnuradio.org) |
Date: |
Fri, 16 Mar 2018 18:39:57 +0100 |
User-agent: |
Mutt/1.7.2 (2016-11-26) |
Hello,
Last week we discovered that the Wordpress installation of the website had been
compromised. The compromise allowed access to the system to an unauthenticated,
unprivileged
remote user for at least the past year.
In the worst case scenario it is possible that the website has been serving
hostile scripts, but we can find no evidence of this having occured.
Due to the large security implications to the system running the website we
have shut it down and are now serving a static snapshot of the website until
further notice.
This compromise only affected the Wordpress website (gnuradio.org) and its
MySQL database. The wiki, cgit repository, LiveDVD images, and everything else
are not affected.
We are considering how best to improve the security of the website in the long
run.
Cheers
Andrej
--
Andrej Rode
GPG Key: 750B CBBB 4A75 811A 4D5F 03ED 5C23 7FB8 9A7D A2AA
signature.asc
Description: Digital signature
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Discuss-gnuradio] Website security breach (gnuradio.org),
Andrej Rode <=