[PATCH] Adding aliases for fedorahosted
This is a minor change, easy to revert. This is a minor security issue mentioned in #2046 2+1's? --- modules/ssh/files/ssh_known_hosts |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/modules/ssh/files/ssh_known_hosts b/modules/ssh/files/ssh_known_hosts index 5c9cb65..4edaf45 100644 --- a/modules/ssh/files/ssh_known_hosts +++ b/modules/ssh/files/ssh_known_hosts @@ -174,7 +174,7 @@ 66.35.62.162,192.168.1.7,proxy3.fedoraproject.org,proxy3 ssh-rsa B3NzaC1yc2EBIwAAAQEAwcwJucG6NlvBYGIMHJmM+YSLf1EicuQaU0RXBZuDDMk3p8hh4b3unm345Z5RA4ztiQF/94opmQhabuka9etvMZHv0am2G5FiJAyTt1pPuILhFLY5Rs67NMlKlX0a0PZInYwSgrG9t2qJRFg9d+wEvG6DXs/U9JiUqcSWolvGTJuwdBY8YeobfMV8U6sG9DYiasXbX6G+5pr4U2ghhU2TNIjVAtyAeK2HYT7SjkU82X6XEqiWdlbIFGKNdTVXk5OWzR7vZnGoYJehU7GKNspCMakCweDEgKgkzIn7JHspO/VgHvQcFMQhHhdHBIOuTKZVPErNT0NmlPlB6/lc5FnRbw== 66.35.62.164,smtp-mm2.fedoraproject.org,smtp-mm2 ssh-rsa B3NzaC1yc2EBIwAAAQEAp+1RIkE3VKgvXTVDxb6M4GPnbnyoc4FGTKtqDoh8t2Bn1l0jJPRRNepUHOB8SMpndfq2U+gQFEG71i0EVZNEjXEK3jgYFtH65mPQDYTQkXPKkbWbhYnTVs3z3pGaO4Bazio5Xm9N2XqXbC+fFwyUYhAN9x+OqCN39IEQT0o/DwvsR2Ct2RMC1ITT17UvhDC2mKQGnoxGnXHE+2rpq+1DYMpkSHdQ8h5B76xTAkmmO3iIQ2rrwLt9RJAsA1gIEEF3HXx/BCYk8NfHP38X9H75V1Ui4dldlX7RB3Q0CNkD2YPyArDUcZ1KCIB53hftUojmgTNhPq4ZppWTW/g14Zc9fw== 66.35.62.166,wildcard.fedoraproject.org,wildcard ssh-rsa B3NzaC1yc2EBIwAAAQEAwcwJucG6NlvBYGIMHJmM+YSLf1EicuQaU0RXBZuDDMk3p8hh4b3unm345Z5RA4ztiQF/94opmQhabuka9etvMZHv0am2G5FiJAyTt1pPuILhFLY5Rs67NMlKlX0a0PZInYwSgrG9t2qJRFg9d+wEvG6DXs/U9JiUqcSWolvGTJuwdBY8YeobfMV8U6sG9DYiasXbX6G+5pr4U2ghhU2TNIjVAtyAeK2HYT7SjkU82X6XEqiWdlbIFGKNdTVXk5OWzR7vZnGoYJehU7GKNspCMakCweDEgKgkzIn7JHspO/VgHvQcFMQhHhdHBIOuTKZVPErNT0NmlPlB6/lc5FnRbw== -66.135.52.17,192.168.1.17,hosted1.fedoraproject.org,hosted1 ssh-rsa B3NzaC1yc2EBIwAAAQEAvrDCEFQAEtTskK4sOxlAX/0PG1+Ykw4yTujyiRd+SOnhcuircuQubdD0PEO11bq0jD9P9cFg67TQ7Y57xBLGHBXlJ7j7lbVsVwmWcN2h9i+U28FjE63QzxvVNFNWs/BIXk+2/20NZj4XxjvldfLTOKEh0srwGiMahzH1URksIq9OfaP9NggbteTd2S3FLd8L8D7sWrsDyD5zzfceoJAs8Tqz4X+5Eqs+56Z3qrnrZkPNkVisJ1AY5FKulGYSAaRLlYvL5kuLs+g0e9NGmm2ivrP+8fE/0k4FAtQjRc3MzB4wcDR0HAu09euwdW+ySWLA99FEmWBEDbkglZ4kmjeTYw== +66.135.52.17,192.168.1.17,hosted1.fedoraproject.org,hosted1,fedorahosted.org,git.fedorahosted.org,svn.fedorahosted.org,bzr.fedorahosted.org,hg.fedorahosted.org ssh-rsa B3NzaC1yc2EBIwAAAQEAvrDCEFQAEtTskK4sOxlAX/0PG1+Ykw4yTujyiRd+SOnhcuircuQubdD0PEO11bq0jD9P9cFg67TQ7Y57xBLGHBXlJ7j7lbVsVwmWcN2h9i+U28FjE63QzxvVNFNWs/BIXk+2/20NZj4XxjvldfLTOKEh0srwGiMahzH1URksIq9OfaP9NggbteTd2S3FLd8L8D7sWrsDyD5zzfceoJAs8Tqz4X+5Eqs+56Z3qrnrZkPNkVisJ1AY5FKulGYSAaRLlYvL5kuLs+g0e9NGmm2ivrP+8fE/0k4FAtQjRc3MzB4wcDR0HAu09euwdW+ySWLA99FEmWBEDbkglZ4kmjeTYw== 66.135.52.84,192.168.1.15,hosted2.fedoraproject.org,hosted2 ssh-rsa B3NzaC1yc2EBIwAAAQEAnwvY9LaSl+ScqHLoy5TLvRv7+wm+5UNUSuxSWdEcmIITBC8yfuEQS2OhYoeLvq3jCppYkzMmaVVx/C14yt6yWhu42/63Ckh8BEDWkHTZyZhgUKIgHTDLnZeA1IfXORL0XdNoPgq/ZO5QH+LikX2He3rGgycTQHvEUo9nCc1VCPPxFi39FumbrR3jpM7vYntAU2MV53/DdPvVyysTtqCMd2c5IS6iJnhUzrNolNAiCwTbnOezH18Toh2majKTSkN0M8q721YUE1MBavsP6RT/59vp0+hhlPBcQUK84AB8sHNBxayKHhQzU6TIxdiyL4+193BLuVqODGfmMEjj45cjKQ== 66.135.55.241,192.168.1.30,serverbeach4.fedoraproject.org,serverbeach4 ssh-rsa B3NzaC1yc2EBIwAAAQEAv8siawFDUtyLnNGsOZTnNsq5DMr6jiDClSL++dMdm+r3FofHDQ2PASb3Wa/iuxNyT+Os1cPtBrsPJlIb251nQpTn30N7wD4iWocFsRMDwhZ3kTaz2PUVg1MvTGqNMhwrxVrSarP+Q7sVrwaguxDo1CUijiS+QtGsy2Xf2kD0+w8lHAUYxYihZG0wB1aJu4tJwvlGQkSrrUoyF1m83IVmvIUqgkv4jnGLeaG45gWU9bDMzZztSbKRe6bBZJHK2VqrL+jPqxL/nDTecZJ7eq3jX0pDw/cR1/Jd+wKhD29+vmfD2tKH7oOWDLWWbb7iVfGXUCVguWwpDl2Pp60Z2jptFQ== 66.135.55.242,192.168.1.31,serverbeach5.fedoraproject.org,serverbeach5 ssh-rsa B3NzaC1yc2EBIwAAAQEAt8/5QF2P6S4ttkEzAC2U2+vvG3Jzv0P4cdLVIjhT4cSAZy2LR9LvzjGujQNzQaymcAm56hzel2segibOcJgzHCV0pbIr2vNqEGSYiU1L/qeKSXKi7Lh0bGtOy6YRqQqhI03Kg4bRNUrDqVW0GZbvQZ6aO8ZSALWE5a/MBp39ZzPbm82qNSixbKfHetVlQKqgYg98SK+sGjHMh1MWbDk623VdYtiikmiPxKG4yd0sqAqmZgJDB7aiNIXayf6iqZLHXQbHNo+/2dj6p7XFKInXJfJIVe0cBLqA4dPQokZikottni8Zw7oVSrHn0JGQt7U8r6jQl9kVDXlzEaWrJp0d1w== -- 1.6.6.1 ___ infrastructure mailing list infrastructure@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/infrastructure
Re: [PATCH] Adding aliases for fedorahosted
On Tue, 6 Apr 2010, Mike McGrath wrote: This is a minor change, easy to revert. This is a minor security issue mentioned in #2046 2+1's? +1 -sv --- modules/ssh/files/ssh_known_hosts |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/modules/ssh/files/ssh_known_hosts b/modules/ssh/files/ssh_known_hosts index 5c9cb65..4edaf45 100644 --- a/modules/ssh/files/ssh_known_hosts +++ b/modules/ssh/files/ssh_known_hosts @@ -174,7 +174,7 @@ 66.35.62.162,192.168.1.7,proxy3.fedoraproject.org,proxy3 ssh-rsa B3NzaC1yc2EBIwAAAQEAwcwJucG6NlvBYGIMHJmM+YSLf1EicuQaU0RXBZuDDMk3p8hh4b3unm345Z5RA4ztiQF/94opmQhabuka9etvMZHv0am2G5FiJAyTt1pPuILhFLY5Rs67NMlKlX0a0PZInYwSgrG9t2qJRFg9d+wEvG6DXs/U9JiUqcSWolvGTJuwdBY8YeobfMV8U6sG9DYiasXbX6G+5pr4U2ghhU2TNIjVAtyAeK2HYT7SjkU82X6XEqiWdlbIFGKNdTVXk5OWzR7vZnGoYJehU7GKNspCMakCweDEgKgkzIn7JHspO/VgHvQcFMQhHhdHBIOuTKZVPErNT0NmlPlB6/lc5FnRbw== 66.35.62.164,smtp-mm2.fedoraproject.org,smtp-mm2 ssh-rsa B3NzaC1yc2EBIwAAAQEAp+1RIkE3VKgvXTVDxb6M4GPnbnyoc4FGTKtqDoh8t2Bn1l0jJPRRNepUHOB8SMpndfq2U+gQFEG71i0EVZNEjXEK3jgYFtH65mPQDYTQkXPKkbWbhYnTVs3z3pGaO4Bazio5Xm9N2XqXbC+fFwyUYhAN9x+OqCN39IEQT0o/DwvsR2Ct2RMC1ITT17UvhDC2mKQGnoxGnXHE+2rpq+1DYMpkSHdQ8h5B76xTAkmmO3iIQ2rrwLt9RJAsA1gIEEF3HXx/BCYk8NfHP38X9H75V1Ui4dldlX7RB3Q0CNkD2YPyArDUcZ1KCIB53hftUojmgTNhPq4ZppWTW/g14Zc9fw== 66.35.62.166,wildcard.fedoraproject.org,wildcard ssh-rsa B3NzaC1yc2EBIwAAAQEAwcwJucG6NlvBYGIMHJmM+YSLf1EicuQaU0RXBZuDDMk3p8hh4b3unm345Z5RA4ztiQF/94opmQhabuka9etvMZHv0am2G5FiJAyTt1pPuILhFLY5Rs67NMlKlX0a0PZInYwSgrG9t2qJRFg9d+wEvG6DXs/U9JiUqcSWolvGTJuwdBY8YeobfMV8U6sG9DYiasXbX6G+5pr4U2ghhU2TNIjVAtyAeK2HYT7SjkU82X6XEqiWdlbIFGKNdTVXk5OWzR7vZnGoYJehU7GKNspCMakCweDEgKgkzIn7JHspO/VgHvQcFMQhHhdHBIOuTKZVPErNT0NmlPlB6/lc5FnRbw== -66.135.52.17,192.168.1.17,hosted1.fedoraproject.org,hosted1 ssh-rsa B3NzaC1yc2EBIwAAAQEAvrDCEFQAEtTskK4sOxlAX/0PG1+Ykw4yTujyiRd+SOnhcuircuQubdD0PEO11bq0jD9P9cFg67TQ7Y57xBLGHBXlJ7j7lbVsVwmWcN2h9i+U28FjE63QzxvVNFNWs/BIXk+2/20NZj4XxjvldfLTOKEh0srwGiMahzH1URksIq9OfaP9NggbteTd2S3FLd8L8D7sWrsDyD5zzfceoJAs8Tqz4X+5Eqs+56Z3qrnrZkPNkVisJ1AY5FKulGYSAaRLlYvL5kuLs+g0e9NGmm2ivrP+8fE/0k4FAtQjRc3MzB4wcDR0HAu09euwdW+ySWLA99FEmWBEDbkglZ4kmjeTYw== +66.135.52.17,192.168.1.17,hosted1.fedoraproject.org,hosted1,fedorahosted.org,git.fedorahosted.org,svn.fedorahosted.org,bzr.fedorahosted.org,hg.fedorahosted.org ssh-rsa B3NzaC1yc2EBIwAAAQEAvrDCEFQAEtTskK4sOxlAX/0PG1+Ykw4yTujyiRd+SOnhcuircuQubdD0PEO11bq0jD9P9cFg67TQ7Y57xBLGHBXlJ7j7lbVsVwmWcN2h9i+U28FjE63QzxvVNFNWs/BIXk+2/20NZj4XxjvldfLTOKEh0srwGiMahzH1URksIq9OfaP9NggbteTd2S3FLd8L8D7sWrsDyD5zzfceoJAs8Tqz4X+5Eqs+56Z3qrnrZkPNkVisJ1AY5FKulGYSAaRLlYvL5kuLs+g0e9NGmm2ivrP+8fE/0k4FAtQjRc3MzB4wcDR0HAu09euwdW+ySWLA99FEmWBEDbkglZ4kmjeTYw== 66.135.52.84,192.168.1.15,hosted2.fedoraproject.org,hosted2 ssh-rsa B3NzaC1yc2EBIwAAAQEAnwvY9LaSl+ScqHLoy5TLvRv7+wm+5UNUSuxSWdEcmIITBC8yfuEQS2OhYoeLvq3jCppYkzMmaVVx/C14yt6yWhu42/63Ckh8BEDWkHTZyZhgUKIgHTDLnZeA1IfXORL0XdNoPgq/ZO5QH+LikX2He3rGgycTQHvEUo9nCc1VCPPxFi39FumbrR3jpM7vYntAU2MV53/DdPvVyysTtqCMd2c5IS6iJnhUzrNolNAiCwTbnOezH18Toh2majKTSkN0M8q721YUE1MBavsP6RT/59vp0+hhlPBcQUK84AB8sHNBxayKHhQzU6TIxdiyL4+193BLuVqODGfmMEjj45cjKQ== 66.135.55.241,192.168.1.30,serverbeach4.fedoraproject.org,serverbeach4 ssh-rsa B3NzaC1yc2EBIwAAAQEAv8siawFDUtyLnNGsOZTnNsq5DMr6jiDClSL++dMdm+r3FofHDQ2PASb3Wa/iuxNyT+Os1cPtBrsPJlIb251nQpTn30N7wD4iWocFsRMDwhZ3kTaz2PUVg1MvTGqNMhwrxVrSarP+Q7sVrwaguxDo1CUijiS+QtGsy2Xf2kD0+w8lHAUYxYihZG0wB1aJu4tJwvlGQkSrrUoyF1m83IVmvIUqgkv4jnGLeaG45gWU9bDMzZztSbKRe6bBZJHK2VqrL+jPqxL/nDTecZJ7eq3jX0pDw/cR1/Jd+wKhD29+vmfD2tKH7oOWDLWWbb7iVfGXUCVguWwpDl2Pp60Z2jptFQ== 66.135.55.242,192.168.1.31,serverbeach5.fedoraproject.org,serverbeach5 ssh-rsa B3NzaC1yc2EBIwAAAQEAt8/5QF2P6S4ttkEzAC2U2+vvG3Jzv0P4cdLVIjhT4cSAZy2LR9LvzjGujQNzQaymcAm56hzel2segibOcJgzHCV0pbIr2vNqEGSYiU1L/qeKSXKi7Lh0bGtOy6YRqQqhI03Kg4bRNUrDqVW0GZbvQZ6aO8ZSALWE5a/MBp39ZzPbm82qNSixbKfHetVlQKqgYg98SK+sGjHMh1MWbDk623VdYtiikmiPxKG4yd0sqAqmZgJDB7aiNIXayf6iqZLHXQbHNo+/2dj6p7XFKInXJfJIVe0cBLqA4dPQokZikottni8Zw7oVSrHn0JGQt7U8r6jQl9kVDXlzEaWrJp0d1w== -- 1.6.6.1 ___ infrastructure mailing list infrastructure@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/infrastructure ___ infrastructure mailing list infrastructure@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/infrastructure
Re: blogs.fedoraproject.org and planet
On 03/14/2010 10:48 AM, Luca Foppiano wrote: Hi, I worked a bit on the theme and I produced some patches (in attachment): - added caption style for images (I basically copied from the default theme) - fixed some links (you should test it because I didn't on fedora infrastructure wordpress - update the screenshot (I wrongly committed twice so we have two patches but one is not used, sorry but is too long time I'm not using git) Please give a check and let me know if is ok. Thanks Luca Any ffeedback to this email? Does anybody read it? Does anybody look at the patches? Let me know Luca ___ infrastructure mailing list infrastructure@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/infrastructure
FW: [MediaWiki-announce] MediaWiki security update: 1.15.3 and 1.16.0beta2
ugh - more CSRF breakage. -- Matt Domsch Technology Strategist Dell | Office of the CTO From: mediawiki-announce-boun...@lists.wikimedia.org [mediawiki-announce-boun...@lists.wikimedia.org] On Behalf Of Tim Starling [tstarl...@wikimedia.org] Sent: Tuesday, April 06, 2010 8:03 PM To: mediawik...@lists.wikimedia.org; wikitec...@lists.wikimedia.org; mediawiki-annou...@lists.wikimedia.org Subject: [MediaWiki-announce] MediaWiki security update: 1.15.3 and 1.16.0beta2 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is a security and bugfix release of MediaWiki 1.15.3 and MediaWiki 1.16.0beta2. MediaWiki was found to be vulnerable to login CSRF. An attacker who controls a user account on the target wiki can force the victim to log in as the attacker, via a script on an external website. If the wiki is configured to allow user scripts, say with $wgAllowUserJs = true in LocalSettings.php, then the attacker can proceed to mount a phishing-style attack against the victim to obtain their password. Even without user scripting, this attack is a potential nuisance, and so all public wikis should be upgraded if possible. Our fix includes a breaking change to the API login action. Any clients using it will need to be updated. We apologise for making such a disruptive change in a minor release, but we feel that security is paramount. For more details see https://bugzilla.wikimedia.org/show_bug.cgi?id=23076 ** 1.15.3 ** Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_15_3/phase3/RELEASE-NOTES Download: http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.tar.gz Patch to previous version (1.15.2), without interface text: http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.15/mediawiki-i18n-1.15.3.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.tar.gz.sig http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.patch.gz.sig http://download.wikimedia.org/mediawiki/1.15/mediawiki-i18n-1.15.3.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html ** 1.16.0beta2 ** Full release notes: http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_0beta2/phase3/RELEASE-NOTES Download: http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.tar.gz Patch to previous version (1.16.0beta1), without interface text: http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.patch.gz Interface text changes: http://download.wikimedia.org/mediawiki/1.16/mediawiki-i18n-1.16.0beta2.patch.gz GPG signatures: http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.tar.gz.sig http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.patch.gz.sig http://download.wikimedia.org/mediawiki/1.16/mediawiki-i18n-1.16.0beta2.patch.gz.sig Public keys: https://secure.wikimedia.org/keys.html -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAku72c0ACgkQgkA+Wfn4zXmmywCgg93Qn9fFiBZmMjfFfRXtQAAY /2kAn3mnedysUErnHt59Va2rGHuSJUzf =Ytqc -END PGP SIGNATURE- ___ MediaWiki announcements mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce ___ infrastructure mailing list infrastructure@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/infrastructure