Savannah.gnu.org Compromised

36

The Savannah front page currently reads: “There’s been a SQL injection leading to leaking of encrypted account passwords, some of them discovered by brute-force attack, leading in turn to project membership access.” The site is being restored to its state as of November 23; changes committed after that date will need to be redone.

Read more at LWN