Our sysadmins decided to preventively shut down most of our web services which were still running on end-of-life\u00a0Mageia versions, as their potential vulnerability to remote attacks was publicised\u00a0in third party communities.<\/p>\n
The migration of those services to Mageia 5 servers was planned but delayed due to a lack of sysadmin time to work on it. The unexpected publicity that it received\u00a0obviously made this topic a high priority one, our infrastructure being exposed as an easy target. The sysadmins therefore decided to shut down the services to be able to work on the migration without further risks.<\/p>\n
Please note that our buildsystems for packages and ISO images\u00a0are running the latest stable release, and therefore Mageia users need (as far as we know at this stage) not be concerned. The potential risks should be confined to web services of the mageia.org domain \u2013 we are nevertheless auditing all servers for traces of intrusion which could have been facilitated by the outdated infrastructure.<\/p>\n
We are sorry for the disagreement and this security negligence, and will keep you posted with our progress on this issue and the verification of the services.<\/p>\n
Current status:<\/p>\n
Edit Apr 5, 2017 @ 17:45:<\/em> Added more details about services being down and the security risks.<\/p>\n Edit Apr 5, 2017 @ 20:45: <\/em>Instructions to add a specific mirror manually for MIRRORLIST users.<\/p>\n Edit Apr 6, 2017 @ 8:00:<\/em> Web services had been\u00a0mistakenly put back online automatically during the night, they are now back offline as necessary.<\/p>\n Edit Apr 8, 2017 @ 1:00:<\/em> Bugzilla and MIRRORLIST are functional again. Bugzilla was also updated to the latest 5.0.3+ upstream version.<\/p>\n Edit Apr 9, 2017 @ 0:15:<\/em> Identity is back online.<\/p>\n Edit Apr 20, 2017 @ 15:00:<\/em> Wiki is back online. Gitweb and Svnweb were also restored in the past week, and the mailing list software will be back soon.<\/p>\n Edit May 26, 2017 @ 21:00:<\/em> As of now all services are back online! Thanks to our sysadmins for their precious time! \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":" Our sysadmins decided to preventively shut down most of our web services which were still running on end-of-life\u00a0Mageia versions, as their potential vulnerability to remote attacks was publicised\u00a0in third party communities. The migration of those services to Mageia 5 servers … Continue reading