[Project_owners] [URGENT] Action required: mozdev security flaw

Eric H. Jung eric.jung at yahoo.com
Mon Sep 27 09:46:05 PDT 2010


It has been brought to the attention of the mozdev board of directors,
system administrators, and volunteers that the mozdev.org hosting code has
critical security flaws. The short-term fix is to *immediately *disable PHP
on mozdev project pages except for those projects that:

1. Explicitly request PHP enabled for their project by emailing
sysadmin at mozdev.org,
2. Are granted such request by executive decision of mozdev.org's board,
system administrators, and/or volunteers.

If you require PHP for your project, please email sysadmin at mozdev.org. We
will not be waiting to hear from you; PHP is being disabled *today*.

We apologize for the short notice, but we have information that
mozdev.orgmay be attacked by nefarious individuals.

Kind regards,
Eric Jung
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/project_owners/attachments/20100927/5bdd6cf8/attachment.html>

More information about the Project_owners mailing list