You are receiving this e-mail because a request has been made to change the gravatar.com password associated with this address (opensuse-project@opensuse.org). If you would like to reset the password for this account simply click on the link below or paste it into the url field on your favorite browser:
https://en.gravatar.com/account/change-password/47024288/4d10bace44
If you didn't request this email then you can just ignore it -- your details have not been disclosed to anyone. If you have any questions about the system, feel free to contact us anytime at support@gravatar.com.
The Gravatar Team, An Automattic joint.
Gravatar wrote:
You are receiving this e-mail because a request has been made to change the gravatar.com password associated with this address (opensuse-project@opensuse.org). If you would like to reset the password for this account simply click on the link below or paste it into the url field on your favorite browser:
These guys are persistent, huh? Won't take them to get blacklisted around the world like that.
On Friday 08 Mar 2013 08:27:07 Per Jessen wrote:
Gravatar wrote:
You are receiving this e-mail because a request has been made to change the gravatar.com password associated with this address (opensuse-project@opensuse.org). If you would like to reset the password for this account simply click on the link below or paste it
into the url field on your favorite browser:
These guys are persistent, huh? Won't take them to get blacklisted around the world like that.
I'm responsible for one of these requests but not the setting up of the gravatar account. It would seem that someone has created a gravatar account using opensuse-project@o.o as the account identifier and I was able to reset the account password and login to gravatar using the opensuse-project@o.o address as my username.
This is problematic because a malicious person may have had the intention to use an offensive or misleading avatar image and post on anyone of the hundreds of thousands of blogs, forums and social media sites that use gravatar avatar icons.
CC'ing admin@o.o on this as other ML's may be succeptable to this too, looks like a reasonable fix is to redirect all ML incoming mail from gravatar to admin@o.o
Cheers the noo, Graham
-
Graham Anderson -
Gravatar -
Per Jessen