Language Selection

English French German Italian Portuguese Spanish

WineHQ database compromise

Filed under
Software
Security
Web

I am sad to say that there was a compromise of the WineHQ database system.

What we know at this point that someone was able to obtain unauthorized access to the phpmyadmin utility. We do not exactly how they obtained access; it was either by compromising an admins credentials, or by exploiting an unpatched vulnerability in phpmyadmin.

We had reluctantly provided access to phpmyadmin to the appdb developers (it is a very handy tool, and something they very much wanted). But it is a prime target for hackers, and apparently our best efforts at obscuring it and patching it were not sufficient.

So we have removed all access to phpmyadmin from the outside world.

We do not believe the attackers obtained any other form of access to the system.

Rest here




More in Tux Machines

Nouveau In Linux 3.20 Will Have A Lot Of Code Cleaning

While the Nouveau pull request has yet to be issued for the DRM-Next merge window that will ultimately target the Linux 3.20 kernel, a look at the changes so far appear to mostly indicate this open-source NVIDIA driver is just going through a period of code cleaning and reorganization. Read more Also: Linux kernels for a macbook pro retina

Android Leftovers

Debian 8.0 "Jessie" Installer RC1 Released

The first release candidate for the Debian Jessie Installer in leading up to the Debian 8.0 "Jessie" release. While some Debian developers were hoping to release Debian 8.0 before February, it doesn't look like that will pan out given that the first release candidate of the installer surfaced today. Read more Also: Debian 8.0 "Jessie" RC1 Is Here, Test Away

Firefox 35.0.1 Now Out – My God, It's Full of Fixes

Two weeks after the release of Firefox 35, the Mozilla devs have pushed the first update out the door and they have fixed a number of important crashes and various other problems. Read more