Get the most out of your Centmin Mod LEMP stack
Become a Member

PHP git source repo compromise!

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Mar 29, 2021.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    46,427
    10,551
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,371
    Local Time:
    8:33 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Seems the official PHP git source repo server might have been compromised with unauthorized commits php.internals: Changes to Git commit workflow. They are now switching away from their own Git server and using Github mirror as the official Git repo at php/php-src

     
  2. buik

    buik “Life is trying things to see if they work.” Premium Member

    1,373
    376
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,145
    Local Time:
    12:33 AM
    Fortunately, no commits have been made in specific release branches, but in the master.:)

    Relatively harmless. Nice to see that the PHP team took immediate action!
     
  3. eva2000

    eva2000 Administrator Staff Member

    46,427
    10,551
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,371
    Local Time:
    8:33 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Indeed lucky! Happy to see them move to using Github repo as official version :D