Hackers too over the Gentoo Linux Github repository

Popular Linux distribution Gentoo has been completely “totally pwned” according to researchers at Sophos and none of the current code can be trusted. The team immediately posted an update and noted that none of the real code has been compromised. However, they have pulled the Github repository until they can upload a fresh copy of the unadulterated code.

“Today 28 June at approximately 20:20 UTC unknown individuals have gained control of the Github Gentoo organization, and modified the content of repositories as well as pages there. We are still working to determine the exact extent and to regain control of the organization and its repositories. All Gentoo code hosted on github should for the moment be considered compromised,” wrote Gentoo administrators. “This does NOT affect any code hosted on the Gentoo infrastructure. Since the master Gentoo ebuild repository is hosted on our own infrastructure and since Github is only a mirror for it, you are fine as long as you are using rsync or webrsync from gentoo.org.”

None of the code is permanently damaged because the Gentoo admins kept their own copy of the code. Gentoo stated that the compromised code could contain malware and bugs and that users should avoid the Github version until it is reinstated.

“The Gentoo Infrastructure team have identified the ingress point, and locked out the compromised account,” wrote the admins. Three Github repositories containing the Gentoo code, Musl, and systemd. All of these repositories are being “reset back to a known good state:.”

Tech Stories Are Here.

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

©2018 VivaLasGidi

Design by Deo360.com

Welcome neighbour!

Log in with your credentials

or    

Forgot your details?

Create Account