Monday, March 29, 2021

PHP’s Git Server Compromised

Nikita Popov (via Hacker News):

Yesterday (2021-03-28) two malicious commits were pushed to the php-src repo from the names of Rasmus Lerdorf and myself. We don’t yet know how exactly this happened, but everything points towards a compromise of the server (rather than a compromise of an individual git account).

While investigation is still underway, we have decided that maintaining our own git infrastructure is an unnecessary security risk, and that we will discontinue the server. Instead, the repositories on GitHub, which were previously only mirrors, will become canonical.


Update (2021-04-07): Nikita Popov (via Hacker News):

We no longer believe the server has been compromised. However, it is possible that the user database leaked.
