Funtoo Linux BDFL drobbins Posted June 29, 2018 Funtoo Linux BDFL Report Share Posted June 29, 2018 Today, Gentoo's GitHub account was compromised. From initial observation, this was a pretty blatant attack, akin to vandalism, and not an attempt to stealthfully compromise the integrity of Gentoo systems. However, the Gentoo project is urging caution until GitHub has restored the git repos to proper function and ensured their integrity, and for safety to treat all repositories as "compromised." As a precaution, we are now pulling updates directly from Gentoo rather than from Gentoo's GitHub account. Reference: https://www.gentoo.org/news/2018/06/28/Github-gentoo-org-hacked.html Link to comment Share on other sites More sharing options...
Funtoo Linux BDFL drobbins Posted June 30, 2018 Author Funtoo Linux BDFL Report Share Posted June 30, 2018 Gentoo has completed an audit of the compromise, which is visible here: https://wiki.gentoo.org/wiki/Github/2018-06-28 A few repositories had some attempts at malicious changes, -- inserting "rm -rf /" at the top of quite a few ebuilds, etc. None of these malicious changes made it into Funtoo. Link to comment Share on other sites More sharing options...
Recommended Posts