From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 47A27138334 for ; Thu, 28 Jun 2018 21:55:14 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 45334E09A7; Thu, 28 Jun 2018 21:54:58 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8F9EEE0976; Thu, 28 Jun 2018 21:54:57 +0000 (UTC) Received: from [IPv6:2001:470:68a6:77e6:e4bc:3ae9:944d:4bba] (unknown [IPv6:2001:470:68a6:77e6:e4bc:3ae9:944d:4bba]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: klondike) by smtp.gentoo.org (Postfix) with ESMTPSA id 61AD5335C75; Thu, 28 Jun 2018 21:54:55 +0000 (UTC) Subject: [gentoo-dev] Re: Hostile takeover of our github mirror. Don't use ebuild from there until new warning! From: "Francisco Blas Izquierdo Riera (klondike)" Cc: Gentoo Development , Gentoo mailing list References: <9fa78b84-56c4-674b-77a9-4b484a10995b@gentoo.org> Openpgp: preference=signencrypt Autocrypt: addr=klondike@gentoo.org; prefer-encrypt=mutual; keydata= xsFNBFRETY4BEADMOrDSnwioNP+AVmdGj4wETcrb+cLonZcb0KGSyI5Rk01tse4yNJaWGLuX o021x5ERv2YcxQo6pzHe1agbBYRWeDipYbOYBkCVp5V92SdpLueCKK/iwjq3BEqKhtKn6GBv lvUFJ3vHTj8xg6ajKwiWE+82JYSVn3uXtrN6wtQhcXDnHESX0wBnk4EBMuQvnnZOUOP8/Kiy S94KsZCMx5oMfik8NeBaPTmmd5JTrCBu0ai/tAgiXrbLg5fqYNsjl2tvyYGVv9jP+JDEcCTY cYOrkUzfK8UKyqokRct3s2/nSC7RJ2bhlR51kfiWHoJe89lyCEwenhYx/+VZRUnrp8iJD1xa WJVbUjCOVs7BWUon8cPA/SmABhMn5TPi3s+mnWrxZ20rnTjHOqUFCvFFHNrH0Sdj7RSQy5+k ZD/cF5d0QPv3eKuJVDUWp6nmnrbK261WhJ/L7cHEfz85+oizSNUfAmWgU8I40oiW0ZjazvRl c41gVlZxhDL8dj1pfIio78obG2dCr0JHIyDmhMMkd2VLERH1ntRXYjGAnzqAFTZKhSLhKqfG nX9GSl2FqZWC+3qfsBAk6SNuYcf+6BSzZ60QaL6oiosiL6v00pybtjYfH17fE32k4pVoLK+b s3g2FLkoHBSmr93zfRJG5/+qHrMs5PcsmH2lXyOiYe6ra8dTIQARAQABzUBGcmFuY2lzY28g QmxhcyBJenF1aWVyZG8gUmllcmEgKGtsb25kaWtlKSA8a2xvbmRpa2VAa2xvbmRpa2UuZXM+ wsGoBBMBCgBSAhsBAh4BAheAAhkBBgsJCAcKAgcVCgkICwMCBRYDAgEAJBhoa3BzOi8vaGtw cy5wb29sLnNrcy1rZXlzZXJ2ZXJzLm5ldAUCWCm6fwUJCYkHcQAKCRBWCK6iiq/A7LBpD/9x /wnvUbH4nrg7xrExO33Qn/xP+J7MxCjfsVq+ld1NLJf5qBLI2oUaimp5+7UQVPw2c5f+T12a hvWLdb7XZ4MMIXsv/F5o7Q9rX0S2dg8vTQgikndR3IyPfSAol6ydJ4IAZJ8/BV0F2b//2ALk WhmhXeDHOQSW3WTFeW9DsnQ6BkANEq5TvgJ967Erl9eivFjxKuazIqv6ZjxeOe+Rq7crUHAx TGJy1PgMghmQaAwvo3DMJ3tBUoVNUdAu/NVBJQ6GAWbyNfY7JCaETXoaBZZ7dCAiKoYJ+fCX rTNmlNW7oKdyl1Engl+KKJ7XKrrB0flxU7S+hlE6gl6jEjn+SE+MstqhywQ1IFE+rPgbZD8G JhochlN0JvJ6z8PMO+Bx9Zuwz3xV8TccsxIWCO+kIaIBAAM6XvveHjIi+zkRHfArFhyvkahN 84p53QdEzNomJSKtbm8yIonsnqVZOSkiHbAeLob7EqBOHEQiD4kDs18jtFjEMs31uCdF5Iqs 1gHjhpWm7o5h8959+PvubDjOwB/rJEWZzLFVJdV/GYVfAeyrxLsVgNNhOAW9B6Ef4H+c1aMO WjjV1CAnZbHJDI6QsAH2FySWEZK9HDW/NEKb8Pbj9v58XydfyiBezzKhYzxtXjazIhyryNYn 6DmsYal1CU+poOF5v6Pm5MJBQMxubw0Xdc7BTQRYKbiMARAAq8GqaCD3MnlXubmAKBwmKEK7 dehm2qsXet+4no7WdTWN9QBOsVS6yo/bKwfIfyO7hVUorBkL/mfL0qnF2UxubykcBolKNssf xYOvQergBcg7OFBNIqpP6PqmlSLAnwYzEaaeQSqvwcwZ/cR/rdrbw0neP+Ig5is0BGzP9yYI 4WmwMsla2mAtmq2IeiEOyDTPcjwIjpeg2hwIYJfNssM7PINAvaAL/E0riurikXmHLsa9LtkW kvTtg7nxDjEwV/oNELyzm+lMFU6e1E8aY0eMB518YrIV/tZx+5RDcBE/Sr6cF85NwNEKe5vM iy38YhSC2fBrx3x/PyWQkneXXyiDRv0ssEXBAf/LysTQlI3ICjGywV1bnzycrd3qrvMz4c1f 161fRMxGTjQlASkRJgmNHAqhHv8582AcJIHzmnT+wUHLHjvolfbJNfFPaLDoUEKTPK7T+AXv +/l7ksCy0Ut7TY7BPkA5yL4mh8zF+T08u/sMRl1nGxfbWGRsFLHklKANmNU9jllTGhYrnqfJ vWvVr42gXkPoC3bY+Aff0vIAciRPqn082PXNp7p8qVTamA5jR90pBNNtsjFdTfVrFW9WKkHO M2t0tWNBqqc2l/9mZgQitm9P9r8zR7bB1QOCmR+Ep8X0VF8DGdRhYbhK1rvvx/WOtIi6UTRt zQTuMdMIbTkAEQEAAcLBZQQYAQoADwIbDAUCWCm6wQUJA8JpNQAKCRBWCK6iiq/A7ClZD/4y U9UY0v6wKVf7rzZZkBxot+VIHb/RzKlFxJJuUX41BRzfx8cmDvHF2UMrh3xzcE2RdPDD45rU QZ9nU8WZ7SU1dN185BSApooKJ3uUoIWC5K5a5Sth2vTFqAnzpMAQTWJAeWHpfCI+D84p6ROa 2SRyXceloMi4YtXjc7ctl/Gz+1GEJFxPA49zVkUrJ1Omwf8wi7MX4xxp2LcqxNlR1782OdiX 15h8xbjnW89ctk3RZxlbv6nOsYrYcNOnlOdpz1MnC+O4BWcWAvucUbIsqvz1OqXCpfFfrtiY flJKfkBuqDFJPTxzZj+ZG9UmGcOn19Y4zaGlyUNLB1qctlSjhJt+wgFeP3onxEcw6aa1+eFg VZi79EQAzI6glA2rjLbE1czM44OFgbOkSnWQkQuTNsdmUos8D3pX9XjU28HgOnYlUC34PBcq vj3OZVHDpipe+J7dfDLLUCBa4WVf2a/ad31wSYF4n0Uzw2dGfP1HdkgYP02hmk+STOTvVojp /ongzIfKTLlR5vn/KkaaoM6jQftV9qqmxxi58Ya4iHbGCASALDZfY0RtSY5hNAwPNuRfp2qr yydRYGyuOxGGcXvl6VppaUi+RP2xhSVdXZAwZQKATcllmYkR9gTHX12Uzs1lD2n+7woyYH/Z SBd4u4PAXBbDNV/Q7j+QHKqdsA+EswMfjg== Message-ID: Date: Thu, 28 Jun 2018 23:54:45 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 In-Reply-To: <9fa78b84-56c4-674b-77a9-4b484a10995b@gentoo.org> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="zbOxdlWm14mTAses5zVjxEfZot5wBYn0b" X-Archives-Salt: 95d657ef-cb87-4f30-940c-d9b6da9726e8 X-Archives-Hash: a063281f9c57de82b7995ff4d929c4a5 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --zbOxdlWm14mTAses5zVjxEfZot5wBYn0b Content-Type: multipart/mixed; boundary="4YseiQshjeOIoSzK3j6fE87IIwcSgBP9E"; protected-headers="v1" From: "Francisco Blas Izquierdo Riera (klondike)" Reply-To: gentoo-dev@lists.gentoo.org Cc: Gentoo Development , Gentoo mailing list Message-ID: Subject: Re: Hostile takeover of our github mirror. Don't use ebuild from there until new warning! References: <9fa78b84-56c4-674b-77a9-4b484a10995b@gentoo.org> In-Reply-To: <9fa78b84-56c4-674b-77a9-4b484a10995b@gentoo.org> --4YseiQshjeOIoSzK3j6fE87IIwcSgBP9E Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Content-Language: sv-FI El 28/06/18 a las 23:15, Francisco Blas Izquierdo Riera (klondike) escrib= i=C3=B3: > Hi! > > I just want to notify that an attacker has taken control of the Gentoo > organization in Github and has among other things replaced the portage > and musl-dev trees with malicious versions of the ebuilds intended to > try removing all of your files. > > Whilst the malicious code shouldn't work as is and GitHub has now > removed the organization, please don't use any ebuild from the GitHub > mirror ontained before 28/06/2018, 18:00 GMT=C2=A0 until new warning. > > Sincerely, > Francisco Blas Izquierdo Riera (klondike) > Gentoo developer. > > Just to keep up with it. There is a more complete article published at https://www.gentoo.org/news/2018/06/28/Github-gentoo-org-hacked.html --4YseiQshjeOIoSzK3j6fE87IIwcSgBP9E-- --zbOxdlWm14mTAses5zVjxEfZot5wBYn0b Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEDaSLWSPwfVgqfnPQ9L3S7+j/ePkFAls1WSUACgkQ9L3S7+j/ ePlf4A/+NTODSP9cd4BvsJOdIzijOCCZXMOTAA9pCTHbUjkuqUsd8CdYxl7mZUfN jaUOJ6V1PypUQg/d4/PZgrl8tw5ndVRd/YKqFI9vtX0Logxi0gEFgdb0PRXlgfvY xh4rh7BkbC4nks5x+8wF0yhAzsJA9985GHqjVvpsaleM7YYx9fJ8ZmlSLjZgkilN 8mn7hXD/Yyvi6VPsKZWDvcRkgl4BVu40uuxtqGOfMXV8yyz3CluLMe4reZnAWIMg XDntw3YbwwM38DIsPjRX4op8tqGCFdHenW2TPfhEm2rrrHsXV0xGcvo5VLvc4vZj 2duBqzq+LTTA4VD3WtXR5bST/D2IuG3inWuLZL9aPzQWrKQfiS1gsQkVWnkenUGw 2vogzDdKDi4IsgzKc11BeiiZqdSgGgZ7SxpFtlpDxkM35N2mfB9jicTp++zKGu5m whQmrdHfsbjwhEzTqhx17twZ1VJ/WlE1blccfqtyotv+ok/FQ0VbG4cqIyaGYu0B kMrK/d7qy8n5WHhIo+RIoCwsODoVCOHm1MlwKno6TZjtA8eSNl7puuq3bDKfhAiQ m+HoVjtFRq9RfbcIkrZK0bHKH2DpJ+k8zRaKtuH57u+SMErt13xMEckCl73b7GO5 Tg6d/Oaax1l6op1aaRQwvdbV5GxjpK/EG8lXOfnF8wwLo0uJqfw= =11Ut -----END PGP SIGNATURE----- --zbOxdlWm14mTAses5zVjxEfZot5wBYn0b--