On 11/04/2011 03:20 PM, Matthew Ehle wrote:
Hi Everyone,
Last night, we received an alert of a possible XSS or iFrame injection issue somewhere on www.opensuse.org or one of the wikis. We temporarily redirected the site and wikis to a maintenance page for about an hour while we assessed the risk and impact of the alert. After learning a little more, we felt that it was not a legitimate alert, and we brought the site back up. I am still waiting on a full report, so that we can figure out what to do for a long term solution.
As a precaution, I am working on an immediate upgrade path to the latest version of Mediawiki and its plugins. I will also be working on upgrading Apache to 2.2.21 on the www and wiki servers.
-Matt
Thanks Matt. One day, someone should also have a look at the lizards.opensuse.org wordpress instance. Which start to be quite outdated now. -- Bruno Friedmann Ioda-Net Sàrl www.ioda-net.ch openSUSE Member & Ambassador GPG KEY : D5C9B751C4653227 irc: tigerfoot -- To unsubscribe, e-mail: opensuse-web+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-web+owner@opensuse.org