phpbb update
phpBB 3.0.11 is now available updating your forum makes it stable and fixes security bugs We provide paid support to phpBB forums owners , we are happy to help you in any issue related to your forum administration or any technical issues. if you are interested in our services , or have any questions , please reply to us Thank you -- To UNSUBSCRIBE, email to debian-www-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/7e95bd823118f2a88ed9e07a19821d33@198.154.114.242
Re: wiki.debian.org password reset
On Sun, Jan 06, 2013 at 10:39:31PM +, Luca Filipozzi wrote: > Please recall our recent email regarding the moinmoin [1] vulnerability [2] > and > the penetration of Debian's wiki [3]. We have reset all password hashes and > sent individual notification to all Debian wiki account holders with > instructions on how to recover (and thereby reset) their passwords [4]. More > technical details about the attack are available [5]. Thanks. I noticed that my passwords on wiki.debian.org and wiki.debconf.org were identical, but my password on wiki.debconf.org had not been automatically reset. Perhaps it's worth auditing for this, since I suspect this is not uncommon? -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-www-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130107211909.gk21...@riva.dynamic.greenend.org.uk
Re: wiki.debian.org password reset
On Mon, Jan 07, 2013 at 09:19:09PM +, Colin Watson wrote: >On Sun, Jan 06, 2013 at 10:39:31PM +, Luca Filipozzi wrote: >> Please recall our recent email regarding the moinmoin [1] vulnerability [2] >> and >> the penetration of Debian's wiki [3]. We have reset all password hashes and >> sent individual notification to all Debian wiki account holders with >> instructions on how to recover (and thereby reset) their passwords [4]. More >> technical details about the attack are available [5]. > >Thanks. I noticed that my passwords on wiki.debian.org and >wiki.debconf.org were identical, but my password on wiki.debconf.org had >not been automatically reset. Perhaps it's worth auditing for this, >since I suspect this is not uncommon? Hi Colin, That's a nice idea, but the two wikis are entirely separate and both store hashed passwords. It's difficult for us to tell if users are using the same passwords on each system. -- Steve McIntyre, Cambridge, UK.st...@einval.com You lock the door And throw away the key There's someone in my head but it's not me -- To UNSUBSCRIBE, email to debian-www-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130107225419.gv4...@einval.com
Re: wiki.debian.org password reset
On Mon, Jan 07, 2013 at 10:54:19PM +, Steve McIntyre wrote: > On Mon, Jan 07, 2013 at 09:19:09PM +, Colin Watson wrote: > >On Sun, Jan 06, 2013 at 10:39:31PM +, Luca Filipozzi wrote: > >> Please recall our recent email regarding the moinmoin [1] vulnerability > >> [2] and > >> the penetration of Debian's wiki [3]. We have reset all password hashes > >> and > >> sent individual notification to all Debian wiki account holders with > >> instructions on how to recover (and thereby reset) their passwords [4]. > >> More > >> technical details about the attack are available [5]. > > > >Thanks. I noticed that my passwords on wiki.debian.org and > >wiki.debconf.org were identical, but my password on wiki.debconf.org had > >not been automatically reset. Perhaps it's worth auditing for this, > >since I suspect this is not uncommon? > > Hi Colin, > > That's a nice idea, but the two wikis are entirely separate and both > store hashed passwords. It's difficult for us to tell if users are > using the same passwords on each system. Ah, fair enough. Damn that security ;-) -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-www-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130107231420.gl21...@riva.dynamic.greenend.org.uk
