Welcome to Centmin Mod Community
Register Now

PHP git source repo compromise!

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Mar 29, 2021.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    53,507
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Seems the official PHP git source repo server might have been compromised with unauthorized commits php.internals: Changes to Git commit workflow. They are now switching away from their own Git server and using Github mirror as the official Git repo at php/php-src


     
  2. buik

    buik “The best traveler is one without a camera.”

    2,001
    519
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,651
    Local Time:
    4:41 AM
    Fortunately, no commits have been made in specific release branches, but in the master.:)

    Relatively harmless. Nice to see that the PHP team took immediate action!
     
  3. eva2000

    eva2000 Administrator Staff Member

    53,507
    12,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,675
    Local Time:
    12:41 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Indeed lucky! Happy to see them move to using Github repo as official version :D