Hi,
I've not seen any email notification from sourceforge regarding this - nor
does it appear to be on slashdot, but from:
http://sourceforge.net/docman/display_doc.php?docid=2352&group_id=1
( 2006-07-13 09:23:52 - Project CVS Service, Project Shell Service, Project
Subversion (SVN) Service, SourceForge.net Web Site ) A recent kernel
exploit was released that allowed a non admin user to escalate privileges on
the host pr-shell1. We urge all users who frequent this host to change their
password immediately and check their project group space for any tampering.
As a precaution, we have blocked access to all project resources by password
until the user resets their password. After the password has been reset,
project resources should be accessible within 5 minutes.
Posted because I thought people might appreciate knowing...
Michael.
--
Michael Sparks, Senior Research Engineer, BBC Research, Technology Group
michael.sparks@xxxxxxxxxxxx, Kamaelia Project Lead, http://kamaelia.sf.net/
http://www.bbc.co.uk/
This e-mail (and any attachments) is confidential and may contain
personal views which are not the views of the BBC unless specifically
stated.
If you have received it in error, please delete it from your system.
Do not use, copy or disclose the information in any way nor act in
reliance on it and notify the sender immediately. Please note that the
BBC monitors e-mails sent or received.
Further communication will signify your consent to this.
|
