圖片附件: 2013-07-27 01_08_58-快讯:YII 官网被黑 - 开源中国社区.png (2013-7-27 01:10, 129.43 KB) / 下載次數 80
Hello bestlong,
Earlier today it was discovered that the entry page on the Yii website had been defaced. The website was restored in less than an hour from discovery. The defacement was made possible by a vulnerability in the separate forum software used on the site. This vulnerability has now been fixed.
For your information, here are some details about the event:
1. The website's index.php was compromised through a vulnerability in the separate forum software (IPB, not Yii).
2. Neither the website's code nor Yii framework code was involved or part of the attack in any way. Hence, the security of the Yii framework remains as secure today as it was yesterday.
3. No framework downloads were affected, as the Yii framework source code is hosted externally.
Although we're storing passwords encrypted and are salting hashes, we recommended that you change your forum password. Please also note that if you are using the same password for other services and/or websites, you should change those as well.
Thank you for your patience and understanding,
Yii framework team
| 歡迎光臨 bestlong 怕失憶論壇 (http://www.bestlong.idv.tw/) | Powered by Discuz! X1.5 |