El 29/06/18 a las 03:55, Duane Robertson escribió: > On Thu, 28 Jun 2018 23:15:36 +0200 > "Francisco Blas Izquierdo Riera (klondike)" <klond...@gentoo.org> wrote: > >> Hi! >> >> I just want to notify that an attacker has taken control of the Gentoo >> organization in Github and has among other things replaced the portage >> and musl-dev trees with malicious versions of the ebuilds intended to >> try removing all of your files. >> >> Whilst the malicious code shouldn't work as is and GitHub has now >> removed the organization, please don't use any ebuild from the GitHub >> mirror ontained before 28/06/2018, 18:00 GMT until new warning. >> >> Sincerely, >> Francisco Blas Izquierdo Riera (klondike) >> Gentoo developer. >> >> > Is it at all likely that any signing keys have been compromised? I > can't think of how that would happen, but I don't know much about the > situation. > If you mean the release signing key the answer is a clear no according to infra's forensics. If you mean specific developers' keys it is unlikely but not fully impossible as we still don't know how the attackers got hold of the compromised accounts.
signature.asc
Description: OpenPGP digital signature
