[Project_owners] [URGENT] Action required: mozdev security flaw
mycroft.mozdev.org at gmail.com
Tue Sep 28 16:40:59 PDT 2010
and how does that actually improve security!?
On 29 September 2010 00:40, Mycroft Project
<mycroft.mozdev.org at gmail.com> wrote:
> That's not a workable solution.
> All Mycroft files request updates from a .php file.
> I'm currently seeing near total bustage and am consequently pretty pissed off.
> If someone comes and finds me on IRC I'd be grateful.
> On 29 September 2010 00:22, Eric H. Jung <eric.jung at yahoo.com> wrote:
>> For any projects that now have PHP enabled, please rename files ending in
>> .php to .html. Files with the .php extension no longer execute through the
>> PHP interpreter.
>> On Mon, Sep 27, 2010 at 12:46 PM, Eric H. Jung <eric.jung at yahoo.com> wrote:
>>> It has been brought to the attention of the mozdev board of directors,
>>> system administrators, and volunteers that the mozdev.org hosting code has
>>> critical security flaws. The short-term fix is to immediately disable PHP on
>>> mozdev project pages except for those projects that:
>>> 1. Explicitly request PHP enabled for their project by emailing
>>> sysadmin at mozdev.org,
>>> 2. Are granted such request by executive decision of mozdev.org's board,
>>> system administrators, and/or volunteers.
>>> If you require PHP for your project, please email sysadmin at mozdev.org. We
>>> will not be waiting to hear from you; PHP is being disabled *today*.
>>> We apologize for the short notice, but we have information that mozdev.org
>>> may be attacked by nefarious individuals.
>>> Kind regards,
>>> Eric Jung
>> Project_owners mailing list
>> Project_owners at mozdev.org
> Charles Caygill
> Mycroft Project Owner
Mycroft Project Owner
More information about the Project_owners