Join the community today
Become a Member

PHP git source repo compromise!

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Mar 29, 2021.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    48,437
    11,100
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,275
    Local Time:
    1:14 AM
    Nginx 1.21.x
    MariaDB 10.x
    Seems the official PHP git source repo server might have been compromised with unauthorized commits php.internals: Changes to Git commit workflow. They are now switching away from their own Git server and using Github mirror as the official Git repo at php/php-src


     
  2. buik

    buik “The best traveler is one without a camera.”

    1,617
    457
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,407
    Local Time:
    5:14 PM
    Fortunately, no commits have been made in specific release branches, but in the master.:)

    Relatively harmless. Nice to see that the PHP team took immediate action!
     
  3. eva2000

    eva2000 Administrator Staff Member

    48,437
    11,100
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,275
    Local Time:
    1:14 AM
    Nginx 1.21.x
    MariaDB 10.x
    Indeed lucky! Happy to see them move to using Github repo as official version :D