Author: al
Date: Sun Feb 9 23:46:47 2014
New Revision: 3643
Log:
web: Disclose security breach on Trac server
Edited by me.
Originally-written-by: Michael Niedermayer <[email protected]>
Modified:
trunk/src/news.en
Modified: trunk/src/news.en
==============================================================================
--- trunk/src/news.en Sun Dec 22 12:57:12 2013 (r3642)
+++ trunk/src/news.en Sun Feb 9 23:46:47 2014 (r3643)
@@ -8,6 +8,30 @@
<div class="newsentry">
<h2>
+ <a name="trac_sec">2014-02-09, Sunday :: trac.ffmpeg.org /
trac.mplayerhq.hu Security Breach</a>
+ <br><span class="poster">posted by <a
href="mailto:[email protected]";>beastd</a></span>
+</h2>
+
+<p>
+The server on which FFmpeg and MPlayer Trac issue trackers were
+installed was compromised. The affected server was taken offline
+and has been replaced and all software reinstalled.
+<p>
+MPlayer SVN, releases, web and mailinglists are on other servers and
+were not affected. We believe that the original compromise happened
+to a server, unrelated to FFmpeg and MPlayer, several months ago.
+That server was used as a source to clone the VM that we recently moved
+Trac to. It is not known if anyone used the backdoor that was found.
+</p>
+<p>
+We recommend all users to change their passwords.
+<b>Especially users who use a password on Trac that they also use elsewhere,
+should change that password at least elsewhere.</b>
+</p>
+
+</div>
+
+<h2>
<a name="bugzilla2trac">2013-12-22, Sunday :: Bug Tracker moved</a>
<br><span class="poster">posted by <a
href="mailto:[email protected]";>beastd</a></span>
</h2>
_______________________________________________
MPlayer-DOCS mailing list
[email protected]
https://lists.mplayerhq.hu/mailman/listinfo/mplayer-docs
