From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-84902-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 642F8138334
	for <garchives@archives.gentoo.org>; Fri, 29 Jun 2018 00:46:57 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id F3050E0908;
	Fri, 29 Jun 2018 00:46:50 +0000 (UTC)
Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 65B0EE0817;
	Fri, 29 Jun 2018 00:46:50 +0000 (UTC)
Received: from [192.168.5.101] (pool-96-232-204-110.nycmny.fios.verizon.net [96.232.204.110])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: ryao)
	by smtp.gentoo.org (Postfix) with ESMTPSA id 803D0335C70;
	Fri, 29 Jun 2018 00:46:48 +0000 (UTC)
Content-Type: text/plain;
	charset=utf-8
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
Mime-Version: 1.0 (1.0)
Subject: Re: [gentoo-dev] Hostile takeover of our github mirror. Don't use ebuild from there until new warning!
From: Richard Yao <ryao@gentoo.org>
X-Mailer: iPhone Mail (15F79)
In-Reply-To: <9fa78b84-56c4-674b-77a9-4b484a10995b@gentoo.org>
Date: Thu, 28 Jun 2018 20:46:45 -0400
Cc: gentoo-announce@lists.gentoo.org,
 Gentoo mailing list <gentoo-user@lists.gentoo.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <6BB8E093-FA06-4336-8467-9311E2F50252@gentoo.org>
References: <9fa78b84-56c4-674b-77a9-4b484a10995b@gentoo.org>
To: gentoo-dev@lists.gentoo.org
X-Archives-Salt: b2dcff15-6c20-4bfc-85dc-2883c8956855
X-Archives-Hash: 594de4fdd00dfedf757bf92163af8848


> On Jun 28, 2018, at 5:15 PM, Francisco Blas Izquierdo Riera (klondike) <kl=
ondike@gentoo.org> wrote:
>=20
> Hi!
>=20
> I just want to notify that an attacker has taken control of the Gentoo
> organization in Github and has among other things replaced the portage
> and musl-dev trees with malicious versions of the ebuilds intended to
> try removing all of your files.
>=20
> Whilst the malicious code shouldn't work as is and GitHub has now
> removed the organization, please don't use any ebuild from the GitHub
> mirror ontained before 28/06/2018, 18:00 GMT  until new warning.
Is the attacker using the account =E2=80=9Cgentoogang=E2=80=9D?
>=20
> Sincerely,
> Francisco Blas Izquierdo Riera (klondike)
> Gentoo developer.
>=20
>=20