date:20100406

[PATCH] Adding aliases for fedorahosted

2010-04-06 Thread Mike McGrath

This is a minor change, easy to revert.  This is a minor security issue 
mentioned in #2046

2+1's?
---
 modules/ssh/files/ssh_known_hosts |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/modules/ssh/files/ssh_known_hosts 
b/modules/ssh/files/ssh_known_hosts
index 5c9cb65..4edaf45 100644
--- a/modules/ssh/files/ssh_known_hosts
+++ b/modules/ssh/files/ssh_known_hosts
@@ -174,7 +174,7 @@
 66.35.62.162,192.168.1.7,proxy3.fedoraproject.org,proxy3 ssh-rsa 
B3NzaC1yc2EBIwAAAQEAwcwJucG6NlvBYGIMHJmM+YSLf1EicuQaU0RXBZuDDMk3p8hh4b3unm345Z5RA4ztiQF/94opmQhabuka9etvMZHv0am2G5FiJAyTt1pPuILhFLY5Rs67NMlKlX0a0PZInYwSgrG9t2qJRFg9d+wEvG6DXs/U9JiUqcSWolvGTJuwdBY8YeobfMV8U6sG9DYiasXbX6G+5pr4U2ghhU2TNIjVAtyAeK2HYT7SjkU82X6XEqiWdlbIFGKNdTVXk5OWzR7vZnGoYJehU7GKNspCMakCweDEgKgkzIn7JHspO/VgHvQcFMQhHhdHBIOuTKZVPErNT0NmlPlB6/lc5FnRbw==
 66.35.62.164,smtp-mm2.fedoraproject.org,smtp-mm2 ssh-rsa 
B3NzaC1yc2EBIwAAAQEAp+1RIkE3VKgvXTVDxb6M4GPnbnyoc4FGTKtqDoh8t2Bn1l0jJPRRNepUHOB8SMpndfq2U+gQFEG71i0EVZNEjXEK3jgYFtH65mPQDYTQkXPKkbWbhYnTVs3z3pGaO4Bazio5Xm9N2XqXbC+fFwyUYhAN9x+OqCN39IEQT0o/DwvsR2Ct2RMC1ITT17UvhDC2mKQGnoxGnXHE+2rpq+1DYMpkSHdQ8h5B76xTAkmmO3iIQ2rrwLt9RJAsA1gIEEF3HXx/BCYk8NfHP38X9H75V1Ui4dldlX7RB3Q0CNkD2YPyArDUcZ1KCIB53hftUojmgTNhPq4ZppWTW/g14Zc9fw==
 66.35.62.166,wildcard.fedoraproject.org,wildcard ssh-rsa 
B3NzaC1yc2EBIwAAAQEAwcwJucG6NlvBYGIMHJmM+YSLf1EicuQaU0RXBZuDDMk3p8hh4b3unm345Z5RA4ztiQF/94opmQhabuka9etvMZHv0am2G5FiJAyTt1pPuILhFLY5Rs67NMlKlX0a0PZInYwSgrG9t2qJRFg9d+wEvG6DXs/U9JiUqcSWolvGTJuwdBY8YeobfMV8U6sG9DYiasXbX6G+5pr4U2ghhU2TNIjVAtyAeK2HYT7SjkU82X6XEqiWdlbIFGKNdTVXk5OWzR7vZnGoYJehU7GKNspCMakCweDEgKgkzIn7JHspO/VgHvQcFMQhHhdHBIOuTKZVPErNT0NmlPlB6/lc5FnRbw==
-66.135.52.17,192.168.1.17,hosted1.fedoraproject.org,hosted1 ssh-rsa 
B3NzaC1yc2EBIwAAAQEAvrDCEFQAEtTskK4sOxlAX/0PG1+Ykw4yTujyiRd+SOnhcuircuQubdD0PEO11bq0jD9P9cFg67TQ7Y57xBLGHBXlJ7j7lbVsVwmWcN2h9i+U28FjE63QzxvVNFNWs/BIXk+2/20NZj4XxjvldfLTOKEh0srwGiMahzH1URksIq9OfaP9NggbteTd2S3FLd8L8D7sWrsDyD5zzfceoJAs8Tqz4X+5Eqs+56Z3qrnrZkPNkVisJ1AY5FKulGYSAaRLlYvL5kuLs+g0e9NGmm2ivrP+8fE/0k4FAtQjRc3MzB4wcDR0HAu09euwdW+ySWLA99FEmWBEDbkglZ4kmjeTYw==
+66.135.52.17,192.168.1.17,hosted1.fedoraproject.org,hosted1,fedorahosted.org,git.fedorahosted.org,svn.fedorahosted.org,bzr.fedorahosted.org,hg.fedorahosted.org
 ssh-rsa 
B3NzaC1yc2EBIwAAAQEAvrDCEFQAEtTskK4sOxlAX/0PG1+Ykw4yTujyiRd+SOnhcuircuQubdD0PEO11bq0jD9P9cFg67TQ7Y57xBLGHBXlJ7j7lbVsVwmWcN2h9i+U28FjE63QzxvVNFNWs/BIXk+2/20NZj4XxjvldfLTOKEh0srwGiMahzH1URksIq9OfaP9NggbteTd2S3FLd8L8D7sWrsDyD5zzfceoJAs8Tqz4X+5Eqs+56Z3qrnrZkPNkVisJ1AY5FKulGYSAaRLlYvL5kuLs+g0e9NGmm2ivrP+8fE/0k4FAtQjRc3MzB4wcDR0HAu09euwdW+ySWLA99FEmWBEDbkglZ4kmjeTYw==
 66.135.52.84,192.168.1.15,hosted2.fedoraproject.org,hosted2 ssh-rsa 
B3NzaC1yc2EBIwAAAQEAnwvY9LaSl+ScqHLoy5TLvRv7+wm+5UNUSuxSWdEcmIITBC8yfuEQS2OhYoeLvq3jCppYkzMmaVVx/C14yt6yWhu42/63Ckh8BEDWkHTZyZhgUKIgHTDLnZeA1IfXORL0XdNoPgq/ZO5QH+LikX2He3rGgycTQHvEUo9nCc1VCPPxFi39FumbrR3jpM7vYntAU2MV53/DdPvVyysTtqCMd2c5IS6iJnhUzrNolNAiCwTbnOezH18Toh2majKTSkN0M8q721YUE1MBavsP6RT/59vp0+hhlPBcQUK84AB8sHNBxayKHhQzU6TIxdiyL4+193BLuVqODGfmMEjj45cjKQ==
 66.135.55.241,192.168.1.30,serverbeach4.fedoraproject.org,serverbeach4 ssh-rsa 
B3NzaC1yc2EBIwAAAQEAv8siawFDUtyLnNGsOZTnNsq5DMr6jiDClSL++dMdm+r3FofHDQ2PASb3Wa/iuxNyT+Os1cPtBrsPJlIb251nQpTn30N7wD4iWocFsRMDwhZ3kTaz2PUVg1MvTGqNMhwrxVrSarP+Q7sVrwaguxDo1CUijiS+QtGsy2Xf2kD0+w8lHAUYxYihZG0wB1aJu4tJwvlGQkSrrUoyF1m83IVmvIUqgkv4jnGLeaG45gWU9bDMzZztSbKRe6bBZJHK2VqrL+jPqxL/nDTecZJ7eq3jX0pDw/cR1/Jd+wKhD29+vmfD2tKH7oOWDLWWbb7iVfGXUCVguWwpDl2Pp60Z2jptFQ==
 66.135.55.242,192.168.1.31,serverbeach5.fedoraproject.org,serverbeach5 ssh-rsa 
B3NzaC1yc2EBIwAAAQEAt8/5QF2P6S4ttkEzAC2U2+vvG3Jzv0P4cdLVIjhT4cSAZy2LR9LvzjGujQNzQaymcAm56hzel2segibOcJgzHCV0pbIr2vNqEGSYiU1L/qeKSXKi7Lh0bGtOy6YRqQqhI03Kg4bRNUrDqVW0GZbvQZ6aO8ZSALWE5a/MBp39ZzPbm82qNSixbKfHetVlQKqgYg98SK+sGjHMh1MWbDk623VdYtiikmiPxKG4yd0sqAqmZgJDB7aiNIXayf6iqZLHXQbHNo+/2dj6p7XFKInXJfJIVe0cBLqA4dPQokZikottni8Zw7oVSrHn0JGQt7U8r6jQl9kVDXlzEaWrJp0d1w==
-- 
1.6.6.1

___
infrastructure mailing list
infrastructure@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

Re: [PATCH] Adding aliases for fedorahosted

2010-04-06 Thread Seth Vidal



On Tue, 6 Apr 2010, Mike McGrath wrote:

 This is a minor change, easy to revert.  This is a minor security issue 
 mentioned in #2046

 2+1's?


+1

-sv

 ---
 modules/ssh/files/ssh_known_hosts |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

 diff --git a/modules/ssh/files/ssh_known_hosts 
 b/modules/ssh/files/ssh_known_hosts
 index 5c9cb65..4edaf45 100644
 --- a/modules/ssh/files/ssh_known_hosts
 +++ b/modules/ssh/files/ssh_known_hosts
 @@ -174,7 +174,7 @@
 66.35.62.162,192.168.1.7,proxy3.fedoraproject.org,proxy3 ssh-rsa 
 B3NzaC1yc2EBIwAAAQEAwcwJucG6NlvBYGIMHJmM+YSLf1EicuQaU0RXBZuDDMk3p8hh4b3unm345Z5RA4ztiQF/94opmQhabuka9etvMZHv0am2G5FiJAyTt1pPuILhFLY5Rs67NMlKlX0a0PZInYwSgrG9t2qJRFg9d+wEvG6DXs/U9JiUqcSWolvGTJuwdBY8YeobfMV8U6sG9DYiasXbX6G+5pr4U2ghhU2TNIjVAtyAeK2HYT7SjkU82X6XEqiWdlbIFGKNdTVXk5OWzR7vZnGoYJehU7GKNspCMakCweDEgKgkzIn7JHspO/VgHvQcFMQhHhdHBIOuTKZVPErNT0NmlPlB6/lc5FnRbw==
 66.35.62.164,smtp-mm2.fedoraproject.org,smtp-mm2 ssh-rsa 
 B3NzaC1yc2EBIwAAAQEAp+1RIkE3VKgvXTVDxb6M4GPnbnyoc4FGTKtqDoh8t2Bn1l0jJPRRNepUHOB8SMpndfq2U+gQFEG71i0EVZNEjXEK3jgYFtH65mPQDYTQkXPKkbWbhYnTVs3z3pGaO4Bazio5Xm9N2XqXbC+fFwyUYhAN9x+OqCN39IEQT0o/DwvsR2Ct2RMC1ITT17UvhDC2mKQGnoxGnXHE+2rpq+1DYMpkSHdQ8h5B76xTAkmmO3iIQ2rrwLt9RJAsA1gIEEF3HXx/BCYk8NfHP38X9H75V1Ui4dldlX7RB3Q0CNkD2YPyArDUcZ1KCIB53hftUojmgTNhPq4ZppWTW/g14Zc9fw==
 66.35.62.166,wildcard.fedoraproject.org,wildcard ssh-rsa 
 B3NzaC1yc2EBIwAAAQEAwcwJucG6NlvBYGIMHJmM+YSLf1EicuQaU0RXBZuDDMk3p8hh4b3unm345Z5RA4ztiQF/94opmQhabuka9etvMZHv0am2G5FiJAyTt1pPuILhFLY5Rs67NMlKlX0a0PZInYwSgrG9t2qJRFg9d+wEvG6DXs/U9JiUqcSWolvGTJuwdBY8YeobfMV8U6sG9DYiasXbX6G+5pr4U2ghhU2TNIjVAtyAeK2HYT7SjkU82X6XEqiWdlbIFGKNdTVXk5OWzR7vZnGoYJehU7GKNspCMakCweDEgKgkzIn7JHspO/VgHvQcFMQhHhdHBIOuTKZVPErNT0NmlPlB6/lc5FnRbw==
 -66.135.52.17,192.168.1.17,hosted1.fedoraproject.org,hosted1 ssh-rsa 
 B3NzaC1yc2EBIwAAAQEAvrDCEFQAEtTskK4sOxlAX/0PG1+Ykw4yTujyiRd+SOnhcuircuQubdD0PEO11bq0jD9P9cFg67TQ7Y57xBLGHBXlJ7j7lbVsVwmWcN2h9i+U28FjE63QzxvVNFNWs/BIXk+2/20NZj4XxjvldfLTOKEh0srwGiMahzH1URksIq9OfaP9NggbteTd2S3FLd8L8D7sWrsDyD5zzfceoJAs8Tqz4X+5Eqs+56Z3qrnrZkPNkVisJ1AY5FKulGYSAaRLlYvL5kuLs+g0e9NGmm2ivrP+8fE/0k4FAtQjRc3MzB4wcDR0HAu09euwdW+ySWLA99FEmWBEDbkglZ4kmjeTYw==
 +66.135.52.17,192.168.1.17,hosted1.fedoraproject.org,hosted1,fedorahosted.org,git.fedorahosted.org,svn.fedorahosted.org,bzr.fedorahosted.org,hg.fedorahosted.org
  ssh-rsa 
 B3NzaC1yc2EBIwAAAQEAvrDCEFQAEtTskK4sOxlAX/0PG1+Ykw4yTujyiRd+SOnhcuircuQubdD0PEO11bq0jD9P9cFg67TQ7Y57xBLGHBXlJ7j7lbVsVwmWcN2h9i+U28FjE63QzxvVNFNWs/BIXk+2/20NZj4XxjvldfLTOKEh0srwGiMahzH1URksIq9OfaP9NggbteTd2S3FLd8L8D7sWrsDyD5zzfceoJAs8Tqz4X+5Eqs+56Z3qrnrZkPNkVisJ1AY5FKulGYSAaRLlYvL5kuLs+g0e9NGmm2ivrP+8fE/0k4FAtQjRc3MzB4wcDR0HAu09euwdW+ySWLA99FEmWBEDbkglZ4kmjeTYw==
 66.135.52.84,192.168.1.15,hosted2.fedoraproject.org,hosted2 ssh-rsa 
 B3NzaC1yc2EBIwAAAQEAnwvY9LaSl+ScqHLoy5TLvRv7+wm+5UNUSuxSWdEcmIITBC8yfuEQS2OhYoeLvq3jCppYkzMmaVVx/C14yt6yWhu42/63Ckh8BEDWkHTZyZhgUKIgHTDLnZeA1IfXORL0XdNoPgq/ZO5QH+LikX2He3rGgycTQHvEUo9nCc1VCPPxFi39FumbrR3jpM7vYntAU2MV53/DdPvVyysTtqCMd2c5IS6iJnhUzrNolNAiCwTbnOezH18Toh2majKTSkN0M8q721YUE1MBavsP6RT/59vp0+hhlPBcQUK84AB8sHNBxayKHhQzU6TIxdiyL4+193BLuVqODGfmMEjj45cjKQ==
 66.135.55.241,192.168.1.30,serverbeach4.fedoraproject.org,serverbeach4 
 ssh-rsa 
 B3NzaC1yc2EBIwAAAQEAv8siawFDUtyLnNGsOZTnNsq5DMr6jiDClSL++dMdm+r3FofHDQ2PASb3Wa/iuxNyT+Os1cPtBrsPJlIb251nQpTn30N7wD4iWocFsRMDwhZ3kTaz2PUVg1MvTGqNMhwrxVrSarP+Q7sVrwaguxDo1CUijiS+QtGsy2Xf2kD0+w8lHAUYxYihZG0wB1aJu4tJwvlGQkSrrUoyF1m83IVmvIUqgkv4jnGLeaG45gWU9bDMzZztSbKRe6bBZJHK2VqrL+jPqxL/nDTecZJ7eq3jX0pDw/cR1/Jd+wKhD29+vmfD2tKH7oOWDLWWbb7iVfGXUCVguWwpDl2Pp60Z2jptFQ==
 66.135.55.242,192.168.1.31,serverbeach5.fedoraproject.org,serverbeach5 
 ssh-rsa 
 B3NzaC1yc2EBIwAAAQEAt8/5QF2P6S4ttkEzAC2U2+vvG3Jzv0P4cdLVIjhT4cSAZy2LR9LvzjGujQNzQaymcAm56hzel2segibOcJgzHCV0pbIr2vNqEGSYiU1L/qeKSXKi7Lh0bGtOy6YRqQqhI03Kg4bRNUrDqVW0GZbvQZ6aO8ZSALWE5a/MBp39ZzPbm82qNSixbKfHetVlQKqgYg98SK+sGjHMh1MWbDk623VdYtiikmiPxKG4yd0sqAqmZgJDB7aiNIXayf6iqZLHXQbHNo+/2dj6p7XFKInXJfJIVe0cBLqA4dPQokZikottni8Zw7oVSrHn0JGQt7U8r6jQl9kVDXlzEaWrJp0d1w==
 -- 
 1.6.6.1

 ___
 infrastructure mailing list
 infrastructure@lists.fedoraproject.org
 https://admin.fedoraproject.org/mailman/listinfo/infrastructure

___
infrastructure mailing list
infrastructure@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

Re: blogs.fedoraproject.org and planet

2010-04-06 Thread Luca Foppiano

On 03/14/2010 10:48 AM, Luca Foppiano wrote:

 Hi, I worked a bit on the theme and I produced some patches (in attachment):
 
 - added caption style for images (I basically copied from the default theme)
 - fixed some links (you should test it because I didn't on fedora
 infrastructure wordpress
 - update the screenshot (I wrongly committed twice so we have two
 patches but one is not used, sorry but is too long time I'm not using git)
 
 Please give a check and let me know if is ok.
 
 Thanks
 Luca
 

Any ffeedback to this email?
Does anybody read it? Does anybody look at the patches?

Let me know
Luca
___
infrastructure mailing list
infrastructure@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

FW: [MediaWiki-announce] MediaWiki security update: 1.15.3 and 1.16.0beta2

2010-04-06 Thread Matt_Domsch

ugh - more CSRF breakage.

--
Matt Domsch
Technology Strategist
Dell | Office of the CTO

From: mediawiki-announce-boun...@lists.wikimedia.org 
[mediawiki-announce-boun...@lists.wikimedia.org] On Behalf Of Tim Starling 
[tstarl...@wikimedia.org]
Sent: Tuesday, April 06, 2010 8:03 PM
To: mediawik...@lists.wikimedia.org; wikitec...@lists.wikimedia.org; 
mediawiki-annou...@lists.wikimedia.org
Subject: [MediaWiki-announce] MediaWiki security update: 1.15.3 and 
1.16.0beta2

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

This is a security and bugfix release of MediaWiki 1.15.3 and MediaWiki
1.16.0beta2.

MediaWiki was found to be vulnerable to login CSRF. An attacker who
controls a user account on the target wiki can force the victim to log
in as the attacker, via a script on an external website. If the wiki is
configured to allow user scripts, say with $wgAllowUserJs = true in
LocalSettings.php, then the attacker can proceed to mount a
phishing-style attack against the victim to obtain their password.

Even without user scripting, this attack is a potential nuisance, and so
all public wikis should be upgraded if possible.

Our fix includes a breaking change to the API login action. Any clients
using it will need to be updated. We apologise for making such a
disruptive change in a minor release, but we feel that security is
paramount.

For more details see https://bugzilla.wikimedia.org/show_bug.cgi?id=23076

**
  1.15.3
**

Full release notes:
http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_15_3/phase3/RELEASE-NOTES

Download:
http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.tar.gz

Patch to previous version (1.15.2), without interface text:
http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.patch.gz
Interface text changes:
http://download.wikimedia.org/mediawiki/1.15/mediawiki-i18n-1.15.3.patch.gz

GPG signatures:
http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.tar.gz.sig
http://download.wikimedia.org/mediawiki/1.15/mediawiki-1.15.3.patch.gz.sig
http://download.wikimedia.org/mediawiki/1.15/mediawiki-i18n-1.15.3.patch.gz.sig

Public keys:
https://secure.wikimedia.org/keys.html

**
  1.16.0beta2
**
Full release notes:
http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_0beta2/phase3/RELEASE-NOTES

Download:
http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.tar.gz

Patch to previous version (1.16.0beta1), without interface text:
http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.patch.gz
Interface text changes:
http://download.wikimedia.org/mediawiki/1.16/mediawiki-i18n-1.16.0beta2.patch.gz

GPG signatures:
http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.tar.gz.sig
http://download.wikimedia.org/mediawiki/1.16/mediawiki-1.16.0beta2.patch.gz.sig
http://download.wikimedia.org/mediawiki/1.16/mediawiki-i18n-1.16.0beta2.patch.gz.sig

Public keys:
https://secure.wikimedia.org/keys.html


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAku72c0ACgkQgkA+Wfn4zXmmywCgg93Qn9fFiBZmMjfFfRXtQAAY
/2kAn3mnedysUErnHt59Va2rGHuSJUzf
=Ytqc
-END PGP SIGNATURE-


___
MediaWiki announcements mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
___
infrastructure mailing list
infrastructure@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

[PATCH] Adding aliases for fedorahosted

Re: [PATCH] Adding aliases for fedorahosted

Re: blogs.fedoraproject.org and planet

FW: [MediaWiki-announce] MediaWiki security update: 1.15.3 and 1.16.0beta2

4 matches

Site Navigation

Mail list logo

Footer information