[oe] Recent wordpress attacks and md5sum
koen at dominion.kabel.utwente.nl
Sun Mar 4 18:02:50 CET 2007
-----BEGIN PGP SIGNED MESSAGE-----
Holger Freyther schreef:
> the recent wordpress attacks illustrates the danger of changed
> sourcecode. Luckily we do not package wordpress but our packages
> would have contained this backdoor! Now to use the buzz words
> terrorism, danger, security and you all should be scared.
> Luckily we do not need a homeland security act to avoid this situation:
> Please add md5sum to your SRC_URI on http/ftp/sctp.
I have a bunch of sources, but how do I know that these have the correct md5sum? Should we
all run md5sum on our DL_DIR and compare results?
> PS: I wonder if bitbake should refuse to fetch code without md5sum/
Another extension for insane.bbclass? How do we handle mirrors for svn/cvs checkouts?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
-----END PGP SIGNATURE-----
More information about the Openembedded-devel