John Beckett wrote: > The vim.org problem has been fixed by Sourceforge.
It still looked broken to me. After a little digging I discovered that the PHP function we were using to connect to the database no longer worked. I changed it by one letter and now it's working again. > However, my checking of some recent changes to the vim.org > database shows that vim.org was scanned by someone with Acunetix > Web Vulnerability Scanner. That was used to generate at least > 124 user accounts, including text fields intended to probe for > bugs that might be exploited to break in to the system. > > It will take me a few days to think about what to do. After > talking with Bram, I'll delete the junk accounts. > > To save people the nuisance of downloading junk scripts, I have > deleted scripts 4555 to 4566 inclusive, and the user who created > them, and the script downloads. Thanks. For the bogus user accounts, please dump the information and then delete the accounts. The danger is that someone injects bad code into a popular script. Please check what scripts changed, if you can. -- Vi is clearly superior to emacs, since "vi" has only two characters (and two keystrokes), while "emacs" has five. (Randy C. Ford) /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org /// -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
