Popular Linux distribution According to researchers from Sophos, Gentoo has been completely "hushed up" and none of the current codes can be trusted. The team immediately released an update and found that none of the real codes were compromised. However, you have pulled the GitHub repository until you can upload a new copy of the unadulterated code.
"Today, June 28, at 8:20 UTC, strangers have taken control of the GitHub Gentoo organization and changed the contents of repositories and pages there, and we're still working to determine the exact extent and the Control over the organization and its repositories The entire Gentoo code hosted on github should be considered compromised at the moment, "wrote Gentoo administrators. "This does NOT affect code hosted on the Gentoo infrastructure, because the Master Gentoo ebuild repository is hosted on our own infrastructure and Github is just a mirror for it, so long as you have rsync or webrsync from gentoo. org. "
None of the codes are permanently damaged because the Gentoo admins have kept their own copy of the code. Gentoo said that the compromised code could contain malware and bugs and that users should avoid the GitHub version until it is restored.
"The Gentoo Infrastructure team has identified the ingress point and blocked the compromised account," wrote the admin. "Three Github repositories containing the Gentoo code, Musl, and systemd. All of these repositories are" in one. " known good condition "