Return-Path: Delivered-To: apmail-repository-archive@www.apache.org Received: (qmail 79402 invoked from network); 2 Sep 2009 14:28:15 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 2 Sep 2009 14:28:15 -0000 Received: (qmail 29730 invoked by uid 500); 2 Sep 2009 14:28:15 -0000 Delivered-To: apmail-repository-archive@apache.org Received: (qmail 29633 invoked by uid 500); 2 Sep 2009 14:28:15 -0000 Mailing-List: contact repository-help@apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: repository@apache.org List-Id: Delivered-To: mailing list repository@apache.org Received: (qmail 29621 invoked by uid 99); 2 Sep 2009 14:28:14 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Sep 2009 14:28:14 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of carlossg@gmail.com designates 209.85.222.175 as permitted sender) Received: from [209.85.222.175] (HELO mail-pz0-f175.google.com) (209.85.222.175) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Sep 2009 14:28:06 +0000 Received: by pzk5 with SMTP id 5so799636pzk.21 for ; Wed, 02 Sep 2009 07:27:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type; bh=RSPf8EaRRsGNKzoNN9TOtKzDh3cy9SWOJ34afGKgPZI=; b=GTZJ/48uHncqTQZp4v0HZDUemfGGHi6AGQt817MYKYzjddhBQYol7O/1NlBz7jlC/I OgGZ9Tz4ZfUPElyQo+OiL3c2yJv1NPGjEhvrTD9daEMHjzJxl9H/WZ9vTSElQpL2niCQ Ta4SfJWccCXRY8mi9ASS+fsT6S8TBZeMnLFMI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; b=Sso+On/9Y4Rrmud0oGg4lQoV2Sy9SgdjVy+pHpm7S4GARMRzmHFt8W1huQFNSyGVxJ nwRoBWt7D4OfaoYBeT4BgM8V5JzbmeR3XPj0crcLUIWen+NBXYgRMTd/7FvJ8UT+cTyq nSJzST/5/ltkiwh9+qYgKwFE89zgc8cnbyzdA= MIME-Version: 1.0 Sender: carlossg@gmail.com Received: by 10.142.61.25 with SMTP id j25mr162355wfa.320.1251901666653; Wed, 02 Sep 2009 07:27:46 -0700 (PDT) In-Reply-To: References: Date: Wed, 2 Sep 2009 16:27:46 +0200 X-Google-Sender-Auth: 1a16f0cbba883794 Message-ID: <1a5b6c410909020727j18e57824rb6c479dd631a14df@mail.gmail.com> Subject: Re: any issues related to the people.apache.org attack From: Carlos Sanchez To: repository@apache.org Cc: "Henk P. Penning" Content-Type: text/plain; charset=ISO-8859-1 X-Virus-Checked: Checked by ClamAV on apache.org I've got some sync mails (subject: [repo] /www/people.apache.org/repo/...) last gpg check using Henk script is from Aug 26 with 3 bad signatures from Wesley Wannemacher, http://people.apache.org/~henkp/repo/ BTW, I noticed the script only checks /www/people.apache.org/repo/m2-ibiblio-rsync-repository/org/apache should it be updated to check all /www/people.apache.org/repo/ ? or at least /www/people.apache.org/repo/m2-ibiblio-rsync-repository/ ? seems it checks just the last month, if timestamps are altered it may not detect it? On Wed, Sep 2, 2009 at 12:59 PM, Steve Loughran wrote: > Looking at the people.apache.org writeup > https://blogs.apache.org/infra/entry/apache_org_downtime_report > > I'm wondering if anyone could have got a malicious article into the > main or snapshot repositories. Did any artifacts turn up during the > day? Unsigned? It may be good to delete them >