| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <961232E9-76AA-4729-85D5-E6129070C044@multicasttech.com> Date: Wed, 30 Apr 2008 13:43:40 -0400 From: Marshall Eubanks <tme@...ticasttech.com> To: Rainer Duffner <rainer@...ra-secure.de> Cc: Michael Scheidell <scheidell@...nap.net>, bugtraq@...urityfocus.com Subject: Re: heanet.dl.sourceforge.net hacked? Sourceforge and slashdot had server issues today. <http://news.netcraft.com/archives/2008/04/30/slashdot_sourceforge_back_online_after_outage.html > Regards Marshall On Apr 30, 2008, at 12:23 PM, Rainer Duffner wrote: > Michael Scheidell schrieb: >> >> or have wrong file? >> >> in attempting to upgrade png (due to security problem), we tried to >> pull from sourceforge mirrors. >> (note below, libpng says file size for libpng-1.2.27.tar.bz2 with >> scripts should be 641193) heanet has a bigger file. >> other sourceforge.net mirrors have it right. >> >> Was heanet.dl hacked? are some people downloading a trojanized >> version of png? >> all attempts (in the past) to contact sourceforge had been useless. >> >> http://www.libpng.org/pub/png/libpng.html >> >> >> Attempting to fetch from http://heanet.dl.sourceforge.net/sourceforge/libpng/ >> . >> fetch: http://heanet.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.27.tar.bz2 >> : size mismatch: expected 641193, actual 804821 >> > > > I now get identical files (well, at least from switch.ch and heanet > and surfnet. > > > > > cheers, > Rainer
Powered by blists - more mailing lists