On 12/27/10 5:41 PM, Logan wrote: > Good Evening; > I was quite surprised to see this in my email this evening. I'm not sure what > this is about or even if it's legit. Can someone please take a look at it and > let me know. > Thank you, > Walter Reinhart
This is legit http://blog.mozilla.com/security/2010/12/27/addons-mozilla-org-disclosure/ I believe the mail you forwarded was only sent to the subset of users whose password was stored using a crackable MD5 hash. Apparently you had an old account on addons.mozilla.org, not used since before April 2009. Users who had logged in since then had their password converted to a more secure form. You should consider whatever password you used there compromised -- hopefully you aren't using the same password elsewhere. -Dan Veditz _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security