{"id":32011,"date":"2021-03-29T16:58:17","date_gmt":"2021-03-29T20:58:17","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=32011"},"modified":"2021-04-07T16:53:36","modified_gmt":"2021-04-07T20:53:36","slug":"phps-git-server-compromised","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2021\/03\/29\/phps-git-server-compromised\/","title":{"rendered":"PHP&rsquo;s Git Server Compromised"},"content":{"rendered":"<p><a href=\"https:\/\/news-web.php.net\/php.internals\/113838\">Nikita Popov<\/a> (via <a href=\"https:\/\/news.ycombinator.com\/item?id=26616707\">Hacker News<\/a>):<\/p>\n<blockquote cite=\"https:\/\/news-web.php.net\/php.internals\/113838\">\n<p>Yesterday (2021-03-28) two malicious commits were pushed to the php-src\nrepo from the names of Rasmus Lerdorf and myself. We don&rsquo;t yet know how\nexactly this happened, but everything points towards a compromise of the\ngit.php.net server (rather than a compromise of an individual git account).<\/p>\n<p>While investigation is still underway, we have decided that maintaining our\nown git infrastructure is an unnecessary security risk, and that we will\ndiscontinue the git.php.net server. Instead, the repositories on GitHub,\nwhich were previously only mirrors, will become canonical.<\/p>\n<\/blockquote>\n\n<p>Previously:<\/p>\n<ul>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2020\/11\/05\/github-source-code-leak\/\">GitHub Source Code Leak<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2018\/11\/27\/popular-npm-package-compromised\/\">Popular NPM Package Compromised<\/a><\/li>\n<\/ul>\n\n<p id=\"phps-git-server-compromised-update-2021-04-07\">Update (2021-04-07): <a href=\"https:\/\/externals.io\/message\/113981\">Nikita Popov<\/a> (via <a href=\"https:\/\/news.ycombinator.com\/item?id=26720201\">Hacker News<\/a>):<\/p>\n<blockquote cite=\"https:\/\/externals.io\/message\/113981\"><p>We no longer believe the git.php.net server has been compromised. \nHowever, it is possible that the master.php.net user database leaked.<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Nikita Popov (via Hacker News): Yesterday (2021-03-28) two malicious commits were pushed to the php-src repo from the names of Rasmus Lerdorf and myself. We don&rsquo;t yet know how exactly this happened, but everything points towards a compromise of the git.php.net server (rather than a compromise of an individual git account). While investigation is still [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2021-03-29T20:58:20Z","apple_news_api_id":"de1a75a9-e96e-4c14-8e0b-79b9692ded4c","apple_news_api_modified_at":"2021-04-07T20:53:40Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAA==","apple_news_api_share_url":"https:\/\/apple.news\/A3hp1qeluTBSOC3m5aS3tTA","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[377,524,359,48],"class_list":["post-32011","post","type-post","status-publish","format-standard","hentry","category-technology","tag-git","tag-github","tag-php","tag-security"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/32011","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=32011"}],"version-history":[{"count":2,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/32011\/revisions"}],"predecessor-version":[{"id":32091,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/32011\/revisions\/32091"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=32011"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=32011"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=32011"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}