[Project_owners] [URGENT] Action required: mozdev security flaw

David White whitedavidp at yahoo.com
Mon Sep 27 17:36:14 PDT 2010


No worries. Thanks!

David Boswell wrote:
> Apologies for that -- the sysadmin list is moderated and I just approved several 
> requests.
>
>
>
>
>   
>> I did but got a reply email saying that my message required approval for 
>> some reason. Wanting to be sure my message got through, I replied to the 
>> list.
>>
>> David
>>
>> Eric H. Jung wrote:
>>     
>>> David,
>>>
>>>  I guess you didn't read my email closely. Please follow step #1.
>>>
>>>  Thanks,
>>> Eric
>>>
>>>
>>> On Mon, Sep 27, 2010 at 1:57 PM,  David White <whitedavidp at yahoo.com 
>>>  <mailto:whitedavidp at yahoo.com>>  wrote:
>>>
>>>     ThunderPlunger requires PHP so please do  not disable there. Thanks
>>>
>>>     Eric H. Jung  wrote:
>>>
>>>         Hello,
>>>
>>>          It has been brought to the attention of the mozdev board  of
>>>         directors, system administrators, and  volunteers that the
>>>         mozdev.org <http://mozdev.org> <http://mozdev.org>  hosting
>>>         code has critical security flaws.  The short-term fix is to
>>>         /immediately  /disable PHP on mozdev project pages except for
>>>          those projects that:
>>>
>>>         1.  Explicitly request PHP enabled for their project by
>>>          emailing sysadmin at mozdev.org <mailto:sysadmin at mozdev.org>
>>>          <mailto:sysadmin at mozdev.org <mailto:sysadmin at mozdev.org>>,
>>>          and
>>>         2. Are granted  such request by executive decision of
>>>          mozdev.org <http://mozdev.org> <http://mozdev.org>'s board,
>>>         system  administrators, and/or volunteers.
>>>
>>>          If you require PHP for your project, please email
>>>         sysadmin at mozdev.org <mailto:sysadmin at mozdev.org>
>>>          <mailto:sysadmin at mozdev.org <mailto:sysadmin at mozdev.org>>.  We
>>>         will not be waiting to hear from you; PHP  is being disabled
>>>          *today*.
>>>
>>>         We apologize for the short  notice, but we have information
>>>         that  mozdev.org <http://mozdev.org> <http://mozdev.org> may be
>>>         attacked  by nefarious individuals.
>>>
>>>         Kind  regards,
>>>         Eric Jung
>>>           
>>>       
>> ------------------------------------------------------------------------
>>     
>>>           _______________________________________________
>>>          Project_owners mailing list
>>>        Project_owners at mozdev.org <mailto:Project_owners at mozdev.org>
>>>         https://www.mozdev.org/mailman/listinfo/project_owners
>>>           
>>>
>>>
>>>  ------------------------------------------------------------------------
>>>
>>>  _______________________________________________
>>> Project_owners mailing  list
>>> Project_owners at mozdev.org
>>> https://www.mozdev.org/mailman/listinfo/project_owners
>>>  
>>>       
>> _______________________________________________
>> Project_owners mailing  list
>> Project_owners at mozdev.org
>> https://www.mozdev.org/mailman/listinfo/project_owners
>>
>>     
> _______________________________________________
> Project_owners mailing list
> Project_owners at mozdev.org
> https://www.mozdev.org/mailman/listinfo/project_owners
>
>   


More information about the Project_owners mailing list