As the current maintainer for GIMP on MacPorts, I wanted to report that
we had an incident this morning where the file checksums (md5, sha1,
rmd160)  for the new 2.6.2 gimp distribution on one of the GIMP mirrors

failed to match those of the official GIMP site and the other mirrors for that

The offending site has been removed from our list of GIMP mirrors but I thought
that someone in the GIMP developer community might want to know about it 
as it could represent a possible attack.

Hope this is the right forum for this.


Gimp-developer mailing list

Reply via email to