[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Status update: debian-openoffice CVS repository

I just wanted to let you all know what's happening before I spam the
list with lots of commits from the pent up changes on my disks :)

Following Joey's restoration of the debian-installer CVS, I have done a
similar job for the debian-openoffice repository.  I have verified that
no files have been tampered with and removed all passwd entries
except for read-only anonymous access.

I happened to have a fairly recent tarball of the complete repo on
my local trusted machine, that was taken on September 30.  Rene & I
manually checked over all changes in the CVS repository files since then
(225 files changed, 31791 insertions, 6036 deletions), and then double
checked by comparing a  checkout of all files with our working directory
snapshots from just before the compromise.  I also removed the local
copies of the loginfo scripts I had been using and changed to using new,
audited versions.  

I have requested restoration of the repository directory, but I imagine
the admins are still pretty busy.  Until then people with shell access
can reach it at :ext:gluck.debian.org:/home/halls/cvs/debian-openoffice.

In the longer term we'll have to reconsider whether using CVS pserver is
a good idea to continue using for write access.


Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: