On Sun, Jan 06, 2013 at 10:39:31PM +0000, Luca Filipozzi wrote: > Please recall our recent email regarding the moinmoin [1] vulnerability [2] > and > the penetration of Debian's wiki [3]. We have reset all password hashes and > sent individual notification to all Debian wiki account holders with > instructions on how to recover (and thereby reset) their passwords [4]. More > technical details about the attack are available [5].
Thanks. I noticed that my passwords on wiki.debian.org and wiki.debconf.org were identical, but my password on wiki.debconf.org had not been automatically reset. Perhaps it's worth auditing for this, since I suspect this is not uncommon? -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-www-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130107211909.gk21...@riva.dynamic.greenend.org.uk