[Project_owners] [URGENT] Action required: mozdev security flaw

Eric H. Jung eric.jung at yahoo.com
Mon Sep 27 09:46:05 PDT 2010


Hello,

It has been brought to the attention of the mozdev board of directors,
system administrators, and volunteers that the mozdev.org hosting code has
critical security flaws. The short-term fix is to *immediately *disable PHP
on mozdev project pages except for those projects that:

1. Explicitly request PHP enabled for their project by emailing
sysadmin at mozdev.org,
and
2. Are granted such request by executive decision of mozdev.org's board,
system administrators, and/or volunteers.

If you require PHP for your project, please email sysadmin at mozdev.org. We
will not be waiting to hear from you; PHP is being disabled *today*.

We apologize for the short notice, but we have information that
mozdev.orgmay be attacked by nefarious individuals.

Kind regards,
Eric Jung
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mozdev.org/pipermail/project_owners/attachments/20100927/5bdd6cf8/attachment.html>


More information about the Project_owners mailing list