newsNews: Gna! frontend back - change your passwords

 
 
Show feedback again
Latest News
dl/home/cvs/svn/www.gna.org upgraded to debian8 posted by beuc, Thu 21 May 2015 10:12:23 PM UTC - 0 replies
Gna.org SSL certificate renewed posted by zerodeux, Thu 24 Apr 2014 07:13:06 AM UTC - 0 replies
Heartbleed status and measures posted by beuc, Wed 09 Apr 2014 09:47:29 AM UTC - 0 replies
mail subsystem automatically reinstalled posted by beuc, Sat 08 Mar 2014 11:02:17 PM UTC - 0 replies
Reboot posted by beuc, Tue 04 Mar 2014 10:14:15 PM UTC - 2 replies
[123 news in archive]

Gna! frontend back - change your passwords

Item posted by Beuc <beuc> on Thu 02 Dec 2010 10:24:16 PM UTC.

Following the password compromise at Savannah, which is also running the Savane Forge, we took the frontend down so we could investigate.

The (earlier) version at Gna! appears not to be impacted by the SQL injection. However it also uses (weak) MD5 hashes for storing encrypted passwords.

We took this opportunity to upgrade Savane, and have reset the passwords for safety (all the more since some people have the same password on both websites). We now use crypt(3) with SHA-512.

To change your password, you need to click on "Login" link on the left, and then on "Lost your password?".

Comments:

fitness kleidung (posted by sadermop vinane, Sat 23 May 2015 11:47:11 AM UTC)

Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your blog? My blog is in the exact same niche as yours and my users would really benefit from some of the information you provide here. Please let me know if this ok with you
http://www.bemuscular.net

[ Reply ]


lasagna (posted by sadermop vinane, Sat 23 May 2015 11:16:57 AM UTC)

Your new valuable key points implies much a person like me and extremely more to my office workers. With thanks; from everyone of us.
https://oyumm.com

[ Reply ]


Private proxy (posted by sadermop vinane, Sat 23 May 2015 08:17:47 AM UTC)

I ‘d mention that most of us visitors are really endowed to exist in a fabulous place with very many wonderful individuals with very helpful things.
http://www.proxy-n-vpn.com/buy-proxies/private-proxies/

[ Reply ]


lol accounts (posted by sadermop vinane, Sat 23 May 2015 07:46:18 AM UTC)

Those guidelines additionally worked to become a good way to recognize that other people online have the identical fervor like mine to grasp great deal more around this condition.
http://eloedge.com

[ Reply ]


chalk markers fine tip (posted by sadermop vinane, Fri 22 May 2015 08:58:49 AM UTC)

Thank you a lot for providing individuals with a very spectacular possibility to read critical reviews from this site.
http://www.amazon.com/Chalk-ColorTM-Liquid-Marker-Pens/dp/B00MCE4XW8/

[ Reply ]


bistro chalk ink pens (posted by sadermop vinane, Fri 22 May 2015 08:58:22 AM UTC)

I feel really happy to have seen your webpage and look forward to so many more entertaining times reading here. Thanks once more for all the details.
<a href="http://www.amazon.com/Chalk-ColorTM-Liquid-Marker-Pens/dp/B00MCE4XW8/">bistro chalk ink pens</a>

[ Reply ]


I am still logged in. (posted by George Koehler, Thu 02 Dec 2010 10:27:37 PM UTC)

I looked for the "Login" link on the left, but it was not there. Then I noticed that I am still "Logged in as kernigh".

I guess that I need to click "Logout", then click "Login", then click "Lost your password?"

[ Reply ]


   

 

Start a New Thread:

You could post if you were logged in
Show feedback again

Back to the top


Powered by Savane 3.1-cleanup