Sourceforge and apache.org compromised

[David Talkington <dtalk prairienet org>]

-----BEGIN PGP SIGNED MESSAGE-----


FYI, recent announcements have been made that both Sourceforge and the
Apache Foundation have been compromised.  A compromised account at
Sourceforge was used to gain entry to apache.org.  The Apache folks
are confident that their code repository wasn't affected, but
Sourceforge isn't so sure.

Both announcements were made on freebsd-security and openbsd-announce,
among other places; archives of those lists will have further
information.  In addition, the Apache Foundation incident was posted
to Bugtraq, whose archives may be found at
http://www.securityfocus.com.

- -d

- -- 
David Talkington

PGP key: http://www.prairienet.org/~dtalk/dt000823.asc



-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.75-6

iQEVAwUBOxbQz71ZYOtSwT+tAQHDvAgAiNRHVQGVGoXAyp8SzFPksvac82al1Joy
vfUivt7nx29hEHGl/tX7DpQPv6dJTGOEzMGHdTGpzUiM0h3tMBRE/gQcQIWuvQ1Y
9HIzWIPil+NmSpclxF53qoHY8NJXYwgeW07ToxmwOcBOiLJ5kEbVgql2R6uSjKrS
laF9nhYJiiF4lYOwMzdY0ZCmP0Y33wc06cFOrpIFPvaK7HrabqxLKrhF9mCIfkX7
nOt+8itPz3gn+kxQDrntYJEGDM9/Q3VRAdz2XyGkr17BKGJkoFOOFZtdLCd0P9oT
ksdK7cxT5zJYB3VjzcFj0dKM763LLy/bJ391Oab/IstyO+xF3PhC0Q==
=ZLXE
-----END PGP SIGNATURE-----