[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-users] * RESET YOUR PASSWORD * - And we're back!
From: |
Michael J. Flickinger |
Subject: |
[Savannah-users] * RESET YOUR PASSWORD * - And we're back! |
Date: |
Thu, 02 Dec 2010 20:02:42 +0000 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.12) Gecko/20101101 IceCat/3.6.12 (like Firefox/3.6.12) |
Your password won't work and you'll need to request a reset.
Recently we were down for a few days due to a SQL injection attack, where
user account passwords were compromised.
To best protect everyone's account and project data all user passwords in the
system have been reset and we've reverted
Savannah to its backup from Nov 23rd.
A more detailed postmortem will be coming shortly.
Note: due to a PHP limitation in the crypt(3) in PHP 5.2 [1], some hashes
were not properly generated. The password is still secure, but we'll see
about regenerating it automatically next time you login. Meanwhile, the issue
is now addressed [2] and you can regenerate it right now.
[1] http://fr2.php.net/crypt
[2]
http://git.savannah.gnu.org/cgit/savane-cleanup.git/commit/?id=9391f4ac107a845a24386f40fea015eeeeb1bae8
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
- [Savannah-users] * RESET YOUR PASSWORD * - And we're back!,
Michael J. Flickinger <=