David Eriksson
2011-02-13 13:18:17 UTC
Hi,
Anyone who can do this for SynCE?
Best regards,
David Eriksson
http://www.divideandconquer.se/
---------- Forwarded message ----------
From: <***@sourceforge.net>
Date: Fri, Feb 11, 2011 at 21:08
Subject: SourceForge.net SCM Validation Notification
To: ...
Hello,
Please review this notice and contact us at ***@geek.net with
any concerns.
There was recently an attack on SourceForge systems as detailed here:
http://sourceforge.net/blog/sourceforge-attack-full-report
As a SourceForge user, you should already have received notice of our password
reset event, also noted on the sourceforge.net login page.
As a precautionary measure, part of our response has been to examine all
project SCM data. We have identified files modified during the attack window
(most likely modified legitimately by your project team), and have performed
manual review of the diffs. Diffs have been reviewed by our staff for a larger
time period than the attack window as further precaution -- we reviewed
2011-01-24 23:59:59 UTC through 2011-01-29 07:00:00 UTC.
We didn't find anything which raised concern. Your project's subversion
repository, located at http://synce.svn.sourceforge.net/viewvc/synce/
did have changes during this time window, so we encourage you to review the
contents of your repository as an added precaution, particularly since you have
more direct knowledge of your team's activities, practices and code base.
We are providing access to a backup of your repository data made prior to the
incident for repositories that were modified. This data is accessible through
the shell service at the path of /home/validation/synce. Shell service
usage documentation is available here:
http://sourceforge.net/apps/trac/sourceforge/wiki/Shell%20service
If you have concerns or require assistance in data validation, please contact
us at ***@geek.net
Thank you,
SourceForge.net staff
Anyone who can do this for SynCE?
Best regards,
David Eriksson
http://www.divideandconquer.se/
---------- Forwarded message ----------
From: <***@sourceforge.net>
Date: Fri, Feb 11, 2011 at 21:08
Subject: SourceForge.net SCM Validation Notification
To: ...
Hello,
Please review this notice and contact us at ***@geek.net with
any concerns.
There was recently an attack on SourceForge systems as detailed here:
http://sourceforge.net/blog/sourceforge-attack-full-report
As a SourceForge user, you should already have received notice of our password
reset event, also noted on the sourceforge.net login page.
As a precautionary measure, part of our response has been to examine all
project SCM data. We have identified files modified during the attack window
(most likely modified legitimately by your project team), and have performed
manual review of the diffs. Diffs have been reviewed by our staff for a larger
time period than the attack window as further precaution -- we reviewed
2011-01-24 23:59:59 UTC through 2011-01-29 07:00:00 UTC.
We didn't find anything which raised concern. Your project's subversion
repository, located at http://synce.svn.sourceforge.net/viewvc/synce/
did have changes during this time window, so we encourage you to review the
contents of your repository as an added precaution, particularly since you have
more direct knowledge of your team's activities, practices and code base.
We are providing access to a backup of your repository data made prior to the
incident for repositories that were modified. This data is accessible through
the shell service at the path of /home/validation/synce. Shell service
usage documentation is available here:
http://sourceforge.net/apps/trac/sourceforge/wiki/Shell%20service
If you have concerns or require assistance in data validation, please contact
us at ***@geek.net
Thank you,
SourceForge.net staff