Gentoo Was Compromised On GitHub

Written by Michael Larabel in Operating Systems on 28 June 2018 at 09:32 PM EDT. 39 Comments
OPERATING SYSTEMS
Unknown individuals were able to gain access to the Gentoo repositories on GitHub, including the modification of said repositories.

While we don't normally cover all these individual security incidents, a Gentoo representative has asked we relay it here. Their public announcement warns, "All Gentoo code hosted on github should for the moment be considered compromised."

But for those relying upon the Gentoo.org infrastructure or Gentoo outside of GitHub, there is no known compromise, including the master Gentoo ebuild repository.

Their notice can be read on Gentoo.org. Gentoo is working with GitHub to properly address the situation.
39 Comments
Related News
TrueNAS SCALE 24.04 Released For A Wonderful NAS Platform
Rocky Linux To Support Upstream Stable Kernels
AlmaLinux 9.4 Beta Restores Support For Some Hardware Deprecated By RHEL
Gentoo Linux Now An SPI Project
Linux Mint Aims For More Reliable & Faster Repository Access
CachyOS Making Use Of Plymouth For Better Boot Experience, Mitigates For XZ Fiasco
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Fedora Linux 40 Cleared For Release Next Week
Fedora Linux 40 Available For Download As A Wonderful Upgrade
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
GNU Portability Library's Tool Rewritten In Python For 8~100x Better Performance