Re: wiki.debian.org password reset
On Sun, Jan 06, 2013 at 10:39:31PM +0000, Luca Filipozzi wrote:
> Please recall our recent email regarding the moinmoin [1] vulnerability [2] and
> the penetration of Debian's wiki [3]. We have reset all password hashes and
> sent individual notification to all Debian wiki account holders with
> instructions on how to recover (and thereby reset) their passwords [4]. More
> technical details about the attack are available [5].
Thanks. I noticed that my passwords on wiki.debian.org and
wiki.debconf.org were identical, but my password on wiki.debconf.org had
not been automatically reset. Perhaps it's worth auditing for this,
since I suspect this is not uncommon?
--
Colin Watson [cjwatson@debian.org]
Reply to: