[openstack-ansible] Gerrit breach and auditing all commits since Oct 01
Dmitriy Rabotyagov
noonedeadpunk at ya.ru
Wed Oct 28 16:40:48 UTC 2020
Hi!
Most of you already know that Gerrit has been compromised a while ago [1]. Infra team has dealed with it very efficiently and I can assure you that this
issue hasn't touched openstack-ansible project.
I have looked through all commits that were merged in period from Oct 1 - Oct 21 (and we've got more than 200 of them during this timeframe, wow!),
and all of them look valid and were properly approved. I have also double checked our releases and didn't found any extra or malicious ones.
So we are pretty safe and can sleep calm
[1] http://lists.opendev.org/pipermail/service-announce/2020-October/000011.html
--
Kind Regards,
Dmitriy Rabotyagov
More information about the openstack-discuss
mailing list