It seems that spammers have found savannah's bug tracker easy prey.
The coreutils tracker was recently hit by this as well.  It was
necessary to change the permission level to logged-in users only to
avoid this attack.  I imagine that very quickly all of the projects
there will have problems.

Could one of the project admins for grep on Savannah change the
permission to require a logged in user?  [Administration], [Set
Permissions], [Authentication level required to be able to post
comments (and to attach files) on this tracker:], Logged-in User.

On principle I think this should only be temporary and should not be
needed if there are alternative ways to avoid spam to those pages.

Thanks
Bob


Reply via email to