Seth Vidal wrote: > Hi folks, > This lwn article reports that berlios.de has been compromised for a long, > long time. > > http://lwn.net/Articles/369633/ > > So I compiled a little list of pkgs that need a look: > > http://skvidal.fedorapeople.org/misc/berlios-pkg-owners-list.txt > > > Here is the list as well: > > arbiter:slim:http://slim.berlios.de/ > athimm:freenx-client:http://freenx.berlios.de/ > athimm:freenx-server:http://freenx.berlios.de/ > ausil:oooqs2:http://segfaultskde.berlios.de/index.php?content=oooqs2 > awjb:gimmix:http://gimmix.berlios.de/ > bjohnson:unpaper:http://unpaper.berlios.de > bouska:wifi-radar:http://wifi-radar.berlios.de/ > caolanm:mythes-es:http://openthes-es.berlios.de > dmaphy:graphem:http://graphem.berlios.de/ > dnglaze:openocd:http://openocd.berlios.de/web/ > drago01:hardinfo:http://hardinfo.berlios.de/ > drago01:pinot:http://pinot.berlios.de/ > dwmw2:bcm43xx-fwcutter:http://bcm43xx.berlios.de/ > fab:python-wifi:https://developer.berlios.de/projects/pythonwifi/ > hguemar:sonata:http://sonata.berlios.de/ > hubbitus:sim:http://sim-im.berlios.de/ > isimluk:ruby-ncurses:http://ncurses-ruby.berlios.de/ > ixs:bitbake:http://developer.berlios.de/projects/bitbake/ > jamatos:python-cpio:http://developer.berlios.de/projects/python-cpio/ > jcollie:radiusclient-ng:http://developer.berlios.de/projects/radiusclient-ng/ > jreznik:kio-ftps:http://kasablanca.berlios.de/kio-ftps/ > jspaleta:gpodder:http://gpodder.berlios.de/ > kkofler:kio_gopher:http://kgopher.berlios.de/ > kwizart:atmel-firmware:http://at76c503a.berlios.de/ > kwizart:tslib:http://tslib.berlios.de/ > laxathom:soundconverter:http://soundconverter.berlios.de/ > limb:netpanzer:http://netpanzer.berlios.de > limb:wavextract:http://developer.berlios.de/projects/wavextract > mgarski:smb4k:http://smb4k.berlios.de/ > michaelc:scsi-target-utils:http://stgt.berlios.de > mtasaka:mirage:http://mirageiv.berlios.de/ > musuruan:hatari:http://hatari.berlios.de/ > oget:canorus:http://canorus.berlios.de/ > oget:jjack:http://jjack.berlios.de/ > oron:libhocr:http://hocr.berlios.de > ovasik:star:http://cdrecord.berlios.de/old/private/star.html > rdieter:kasablanca:http://kasablanca.berlios.de/ > rdieter:lensfun:http://lensfun.berlios.de/ > rishi:libgringotts:http://gringotts.berlios.de/ > rjones:ocaml-pgocaml:http://developer.berlios.de/projects/pgocaml/ > rvokal:net-tools:http://net-tools.berlios.de/ > silfreed:gpsd:http://developer.berlios.de/projects/gpsd/ > spot:lincity-ng:http://lincity-ng.berlios.de/ > stingray:cuetools:http://developer.berlios.de/projects/cuetools/ > sundaram:gimmage:http://gimmage.berlios.de/ > terjeros:cpipe:http://developer.berlios.de/projects/cpipe/ > terjeros:python-tidy:http://utidylib.berlios.de/ > till:fatsort:http://fatsort.berlios.de/ > twaugh:pyusb:http://pyusb.berlios.de/ > vcrhonek:fetchmail:http://fetchmail.berlios.de/ > > if you're on this list then you need to talk to upstream and find out if > they have done an audit yet. You might consider doing an audit yourself, > if you have the background to know what sort of things to look for. > > Thanks, Seth. And if we don't, what's a good resource for security auditing n00bs? -J > thanks, > -sv > > -- in your fear, seek only peace in your fear, seek only love -d. bowie -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel