Hello, following public exposure[1] of a SQL injection vulnerability on nm.debian.org, the website has been disabled[2] since a few days.
Since the current codebase is not maintained anymore, the plan is to fix the issue by finishing and deploying the new[3] website codebase. That should happen at the beginning of March, during the Mönchengladbach BSP[4]. To mitigate the inconvenience during this week, we have reinstated a temporary access to the existing nm.debian.org, protected by a password. All AMs should already have received an email with information on how to access. Others who need access to the website can ask n...@debian.org, including an "htpasswd -H md5" output in the mail. For anything else, like people who would like to apply to NM and other corner cases, one can always mail n...@debian.org and we'll deal with it. We apologise for the inconvenience. Enrico for the NM Front Desk. [1] http://lists.debian.org/debian-newmaint/2012/02/msg00046.html [2] http://lists.debian.org/debian-newmaint/2012/02/msg00050.html [3] http://lists.debian.org/debian-newmaint/2011/08/msg00023.html [4] http://wiki.debian.org/BSP/2012/03/de/Moenchengladbach -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <enr...@enricozini.org>
signature.asc
Description: Digital signature