Readthedocs site says it was hacked

ostreedev / ostree

Operating system and container binary deployment and upgrades

https://ostreedev.github.io/ostree/

Other

1.31k stars 300 forks source link

Readthedocs site says it was hacked #3312

Closed genodeftest closed 2 months ago

genodeftest commented 2 months ago

The readthedocs site https://ostree.readthedocs.io/en/latest/ says it was hacked. That site is referenced multiple times across the repos so I guess it should be the legit documentation website.

cgwalters commented 2 months ago

Ouch. Thanks for the report. I don't remember now what the credentials setup was for that. A bit...lame...for this researcher to just take over sites permanently. In any case the GH pages setup should be more secure in the sense that it doesn't have distinct credentials to publish anything.

I submitted https://github.com/ostreedev/ostree/pull/3313 - the only place I found a reference was the Rust bindings.

genodeftest commented 2 months ago

Thanks! It might make sense to contact the readthedocs.io support to get the site back.

Some references still point to the readthedocs URL, for example the Fedora package's metadata (PR to change that). There might be more in other upstreams.