Home page logo

oss-sec logo oss-sec mailing list archives

vsftpd download backdoored
From: Solar Designer <solar () openwall com>
Date: Mon, 4 Jul 2011 01:16:27 +0400


Here's a great example of why maintainers should sign their release
tarballs, why distributions should insist on that, and why they should
actually check the signatures indeed.

I think we should be referring to this when convincing people to do that
(I had moderate success so far - some projects started signing their
tarballs after my suggestions/requests, some did not).


New vsftpd homepage:



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]