Hi Tom, *, On Mon, Jun 17, 2013 at 12:58 PM, Tom <[email protected]> wrote: > > Someone notified the Users Mailing List that "The Document Foundation" > website appeared to have been compromised. Here's a screen-shot; > > Malware-Screen-Documentfoundation-2013-06-17.jpg > <http://nabble.documentfoundation.org/file/n4061840/Malware-Screen-Documentfoundation-2013-06-17.jpg> > > Note that it's not the LibreOffice.org website. presumably it is a false > positive but if it is how do we get Avira to stop mis-reporting it?
Probably ony by using the "as an Expert link" - as the message doesn't tell what triggers the heuristics, it is hard to fix from our part, as we don't use any "dirty tricks" on the website. > Is > there really a problem? Not here. Of course there is the possibility of a malicious proxy (trying https and checking the certificate would help in that case. The sha-1 fingerprint of the certificate is: 0B 8B E9 ED 5F 2A 6F CD 8A AC 07 75 F3 5C 41 F2 EE 9A 48 CB) - So please check whether the page also shows the warning via https (and when the browser says the certificate is valid and matches the fingerprint). The only thing that I could think of that might trigger a warning is the included javascript - but that is nothing special. It contains form-validation javascript, that is unnecessary on the frontpage, but nothing malicious/not compromised. ciao Christian -- To unsubscribe e-mail to: [email protected] Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.libreoffice.org/global/website/ All messages sent to this list will be publicly archived and cannot be deleted
