Language Selection

English French German Italian Portuguese Spanish

WineHQ database compromise

Filed under
Software
Security
Web

I am sad to say that there was a compromise of the WineHQ database system.

What we know at this point that someone was able to obtain unauthorized access to the phpmyadmin utility. We do not exactly how they obtained access; it was either by compromising an admins credentials, or by exploiting an unpatched vulnerability in phpmyadmin.

We had reluctantly provided access to phpmyadmin to the appdb developers (it is a very handy tool, and something they very much wanted). But it is a prime target for hackers, and apparently our best efforts at obscuring it and patching it were not sufficient.

So we have removed all access to phpmyadmin from the outside world.

We do not believe the attackers obtained any other form of access to the system.

Rest here




More in Tux Machines

RPM 4.12 Brings New Switches, New Rpm2Archive Utility

RPM 4.12 has been released as the latest version of the RPM Package Manager. This most recent upgrade brings a fair amount of additions, bug-fixes, API changes, binding improvements,a new plug-in system, and more. First up, RPM 4.12 brings a host of new command-line switches: --nopretrans, --noposttrans, --noplugins, --reinstall, --exportdb, --importdb, --recommends, --suggests, --supplements, and --enhances. RPM 4.12 also brings a rpm2archive utility for converting RPM payloads into tar archives. Read more

Qt Creator 3.2.1 released

We are happy to announce Qt Creator 3.2.1. This release contains a range of bugfixes, including fixes for: a freeze when using the current project or the all projects locator filters via keyboard shortcut a deployment error in the OS X packages which led to the Clang code model plugin not loading a crash when opening the context menu on C++ macro parameters For a full list of fixes, please see our change log. Read more

GNOME Control Center 3.14 RC1 Corrects Lots of Potential Crashes

GNOME Control Center, GNOME's main interface for the configuration of various aspects of your desktop, has been updated to version 3.14 RC1, along with a lot of the packages from the GNOME stack. Read more

Rust Developers Planning For The Rust 1.0 Language

Rust, the general purpose, safe, and concurrent programming language developed by Mozilla Research, is starting to assemble their vision of Rust 1.0. A new post on the Rust Programming Language Blog is laying out the path to Rust 1.0. The developers hope to move to Rust 1.0 soon with a beta coming out hopefully by the end of the year and the official release to follow. This Rust 1.0 milestone is to signify the Rust design "feeling right" and a promise to maintain backwards compatibility for future 1.x releases. Read more