I ran across an article this morning describing how Homebrew was hacked with a
few minutes effort:
https://medium.com/@vesirin/how-i-gained-commit-access-to-homebrew-in-30-minutes-2ae314df03ab
Has anybody checked to see if we have any similar exposures in the MacPorts
infrastructure?
Craig
On Wed, 8 Aug 2018 11:11:56 -0400 Craig Treleaven
wrote:
> I ran across an article this morning describing how Homebrew was
> hacked with a few minutes effort:
>
> https://medium.com/@vesirin/how-i-gained-commit-access-to-homebrew-in-30-minutes-2ae314df03ab
See also: https://brew.sh/2018/08/05/s
On Wed, 8 Aug 2018 12:52:45 -0400 "Perry E. Metzger"
wrote:
> On Wed, 8 Aug 2018 11:11:56 -0400 Craig Treleaven
> wrote:
> > I ran across an article this morning describing how Homebrew was
> > hacked with a few minutes effort:
> >
> > https://medium.com/@vesirin/how-i-gained-commit-access-to-ho
On Aug 5, 2018, at 8:59 AM, Joshua Root wrote:
>
> Does ipython still need a gnureadline dependency now that it's using
> prompt_toolkit? All mention of readline seems to have been removed from
> the setup.py at least.
I’m no expert, but it certainly appears to no longer be needed.
From the do
On Wed, 8 Aug 2018, Perry E. Metzger wrote:
BTW, in addition to these sorts of infrastructure issues, it might be a
good idea if we were more expeditious and systematic about updating
ports with known security holes. We might want a security officer role,
too.
Which FreeBSD has had for years
On Aug 8, 2018, at 5:12 PM, Dave Horsfall wrote:
> On Wed, 8 Aug 2018, Perry E. Metzger wrote:
>> BTW, in addition to these sorts of infrastructure issues, it might be a good
>> idea if we were more expeditious and systematic about updating ports with
>> known security holes. We might want a sec
On Aug 8, 2018, at 10:11, Craig Treleaven wrote:
> I ran across an article this morning describing how Homebrew was hacked with
> a few minutes effort:
>
> https://medium.com/@vesirin/how-i-gained-commit-access-to-homebrew-in-30-minutes-2ae314df03ab
>
> Has anybody checked to see if we have