Hi, Did you check the Savane source code? (since that's what we do already)
- Sylvain On Fri, Dec 03, 2010 at 12:41:56PM +0100, Martin Jernberg wrote: > > send the mail to the mailinglist and not me, but iam kind and forwarding it > :) > > > Date: Thu, 2 Dec 2010 18:54:41 -0500 > > Subject: Re: [Savannah-users] * RESET YOUR PASSWORD * - And we're back! > > From: [email protected] > > To: [email protected] > > > > SQL injection attacks suck. I don't know if Savane does this already, > > but you guys should try to keep all the SQL code in a single > > database.php file and provide useful functions so that all of the SQL > > execution can be found in one place and security audits can be done > > more easily. > > > > My 0.00000005 cents. > > > > On Thu, Dec 2, 2010 at 6:14 PM, Martin Jernberg <[email protected]> wrote: > > > ah good you fixed it thanks, to bad lamers destroys great things :( > > > > > >> Subject: Re: [Savannah-users] * RESET YOUR PASSWORD * - And we're back! > > >> From: [email protected] > > >> To: [email protected] > > >> Date: Thu, 2 Dec 2010 19:22:51 +0100 > > >> > > >> On Thu, 2010-12-02 at 18:46 +0100, Skami 18 wrote: > > >> > Le 02/12/2010 05:23, Michael J. Flickinger a écrit : > > >> > > Your password won't work and you'll need to request a reset. > > >> > > > > >> > > Recently we were down for a few days due to a SQL injection attack, > > >> > > where > > >> > > user account passwords were compromised. > > >> > > > > >> > > To best protect everyone's account and project data all user > > >> > > passwords > > >> > > in the > > >> > > system have been reset and we've reverted > > >> > > Savannah to its backup from Nov 23rd. > > >> > > > > >> > > A more detailed postmortem will be coming shortly. > > >> > > > > >> > > > > >> > > > > >> > > _______________________________________________ > > >> > > Message sent via/by Savannah > > >> > > http://savannah.gnu.org/ > > >> > > > > >> > > > > >> > > > > >> > > > > >> > Thanks for your great work ! > > >> > > > >> > > >> Thanks for your great work ! > > >> People which are against Freedom are a bit non human. > > >> > > >> -- > > >> Aurelien DESBRIERES > > >> http://groups.fsf.org/wiki/User:Aurelien > > >> Freedom is not just a word, it's a duty. > > >> > > >> > > > > > > > > > > > -- > > - Luiji Maryo (a.k.a. Brain Boy) > > Visit me at http://brainboyblogger.blogspot.com/. >
