I didn't. Just wanted to say that if you didn't do it already. I didn't have time to check the Savane code when I had sent that message.
On Fri, Dec 3, 2010 at 9:58 AM, Sylvain Beucler <[email protected]> wrote: > Hi, > > Did you check the Savane source code? > (since that's what we do already) > > - Sylvain > > On Fri, Dec 03, 2010 at 12:41:56PM +0100, Martin Jernberg wrote: >> >> send the mail to the mailinglist and not me, but iam kind and forwarding it >> :) >> >> > Date: Thu, 2 Dec 2010 18:54:41 -0500 >> > Subject: Re: [Savannah-users] * RESET YOUR PASSWORD * - And we're back! >> > From: [email protected] >> > To: [email protected] >> > >> > SQL injection attacks suck. I don't know if Savane does this already, >> > but you guys should try to keep all the SQL code in a single >> > database.php file and provide useful functions so that all of the SQL >> > execution can be found in one place and security audits can be done >> > more easily. >> > >> > My 0.00000005 cents. >> > >> > On Thu, Dec 2, 2010 at 6:14 PM, Martin Jernberg <[email protected]> wrote: >> > > ah good you fixed it thanks, to bad lamers destroys great things :( >> > > >> > >> Subject: Re: [Savannah-users] * RESET YOUR PASSWORD * - And we're back! >> > >> From: [email protected] >> > >> To: [email protected] >> > >> Date: Thu, 2 Dec 2010 19:22:51 +0100 >> > >> >> > >> On Thu, 2010-12-02 at 18:46 +0100, Skami 18 wrote: >> > >> > Le 02/12/2010 05:23, Michael J. Flickinger a écrit : >> > >> > > Your password won't work and you'll need to request a reset. >> > >> > > >> > >> > > Recently we were down for a few days due to a SQL injection attack, >> > >> > > where >> > >> > > user account passwords were compromised. >> > >> > > >> > >> > > To best protect everyone's account and project data all user >> > >> > > passwords >> > >> > > in the >> > >> > > system have been reset and we've reverted >> > >> > > Savannah to its backup from Nov 23rd. >> > >> > > >> > >> > > A more detailed postmortem will be coming shortly. >> > >> > > >> > >> > > >> > >> > > >> > >> > > _______________________________________________ >> > >> > > Message sent via/by Savannah >> > >> > > http://savannah.gnu.org/ >> > >> > > >> > >> > > >> > >> > > >> > >> > > >> > >> > Thanks for your great work ! >> > >> > >> > >> >> > >> Thanks for your great work ! >> > >> People which are against Freedom are a bit non human. >> > >> >> > >> -- >> > >> Aurelien DESBRIERES >> > >> http://groups.fsf.org/wiki/User:Aurelien >> > >> Freedom is not just a word, it's a duty. >> > >> >> > >> >> > > >> > >> > >> > >> > -- >> > - Luiji Maryo (a.k.a. Brain Boy) >> > Visit me at http://brainboyblogger.blogspot.com/. >> > > -- - Luiji Maryo (a.k.a. Brain Boy) Visit me at http://brainboyblogger.blogspot.com/.
