berlios.de compromised since 2005
Jon Ciesla
limb at jcomserv.net
Wed Jan 13 18:33:19 UTC 2010
Seth Vidal wrote:
> Hi folks,
> This lwn article reports that berlios.de has been compromised for a long,
> long time.
>
> http://lwn.net/Articles/369633/
>
> So I compiled a little list of pkgs that need a look:
>
> http://skvidal.fedorapeople.org/misc/berlios-pkg-owners-list.txt
>
>
> Here is the list as well:
>
> arbiter:slim:http://slim.berlios.de/
> athimm:freenx-client:http://freenx.berlios.de/
> athimm:freenx-server:http://freenx.berlios.de/
> ausil:oooqs2:http://segfaultskde.berlios.de/index.php?content=oooqs2
> awjb:gimmix:http://gimmix.berlios.de/
> bjohnson:unpaper:http://unpaper.berlios.de
> bouska:wifi-radar:http://wifi-radar.berlios.de/
> caolanm:mythes-es:http://openthes-es.berlios.de
> dmaphy:graphem:http://graphem.berlios.de/
> dnglaze:openocd:http://openocd.berlios.de/web/
> drago01:hardinfo:http://hardinfo.berlios.de/
> drago01:pinot:http://pinot.berlios.de/
> dwmw2:bcm43xx-fwcutter:http://bcm43xx.berlios.de/
> fab:python-wifi:https://developer.berlios.de/projects/pythonwifi/
> hguemar:sonata:http://sonata.berlios.de/
> hubbitus:sim:http://sim-im.berlios.de/
> isimluk:ruby-ncurses:http://ncurses-ruby.berlios.de/
> ixs:bitbake:http://developer.berlios.de/projects/bitbake/
> jamatos:python-cpio:http://developer.berlios.de/projects/python-cpio/
> jcollie:radiusclient-ng:http://developer.berlios.de/projects/radiusclient-ng/
> jreznik:kio-ftps:http://kasablanca.berlios.de/kio-ftps/
> jspaleta:gpodder:http://gpodder.berlios.de/
> kkofler:kio_gopher:http://kgopher.berlios.de/
> kwizart:atmel-firmware:http://at76c503a.berlios.de/
> kwizart:tslib:http://tslib.berlios.de/
> laxathom:soundconverter:http://soundconverter.berlios.de/
> limb:netpanzer:http://netpanzer.berlios.de
> limb:wavextract:http://developer.berlios.de/projects/wavextract
> mgarski:smb4k:http://smb4k.berlios.de/
> michaelc:scsi-target-utils:http://stgt.berlios.de
> mtasaka:mirage:http://mirageiv.berlios.de/
> musuruan:hatari:http://hatari.berlios.de/
> oget:canorus:http://canorus.berlios.de/
> oget:jjack:http://jjack.berlios.de/
> oron:libhocr:http://hocr.berlios.de
> ovasik:star:http://cdrecord.berlios.de/old/private/star.html
> rdieter:kasablanca:http://kasablanca.berlios.de/
> rdieter:lensfun:http://lensfun.berlios.de/
> rishi:libgringotts:http://gringotts.berlios.de/
> rjones:ocaml-pgocaml:http://developer.berlios.de/projects/pgocaml/
> rvokal:net-tools:http://net-tools.berlios.de/
> silfreed:gpsd:http://developer.berlios.de/projects/gpsd/
> spot:lincity-ng:http://lincity-ng.berlios.de/
> stingray:cuetools:http://developer.berlios.de/projects/cuetools/
> sundaram:gimmage:http://gimmage.berlios.de/
> terjeros:cpipe:http://developer.berlios.de/projects/cpipe/
> terjeros:python-tidy:http://utidylib.berlios.de/
> till:fatsort:http://fatsort.berlios.de/
> twaugh:pyusb:http://pyusb.berlios.de/
> vcrhonek:fetchmail:http://fetchmail.berlios.de/
>
> if you're on this list then you need to talk to upstream and find out if
> they have done an audit yet. You might consider doing an audit yourself,
> if you have the background to know what sort of things to look for.
>
>
Thanks, Seth. And if we don't, what's a good resource for security
auditing n00bs?
-J
> thanks,
> -sv
>
>
--
in your fear, seek only peace
in your fear, seek only love
-d. bowie
More information about the devel
mailing list