Date: prev next · Thread: first prev next last
2013 Archives by date, by thread · List index

Hi Tom, *,

On Mon, Jun 17, 2013 at 12:58 PM, Tom <> wrote:

Someone notified the Users Mailing List that "The Document Foundation"
website appeared to have been compromised.  Here's a screen-shot;


Note that it's not the website.  presumably it is a false
positive but if it is how do we get Avira to stop mis-reporting it?

Probably ony by using the "as an Expert link" - as the message doesn't
tell what triggers the heuristics, it is hard to fix from our part, as
we don't use any "dirty tricks" on the website.

there really a problem?

Not here. Of course there is the possibility of a malicious proxy
(trying https and checking the certificate would help in that case.
The sha-1 fingerprint of the certificate is: 0B 8B E9 ED 5F 2A 6F CD
8A AC 07 75 F3 5C 41 F2
EE 9A 48 CB) - So please check whether the page also shows the warning
via https (and when the browser says the certificate is valid and
matches the fingerprint).

The only thing that I could think of that might trigger a warning is
the included javascript - but that is nothing special.
It contains form-validation javascript, that is unnecessary on the
frontpage, but nothing malicious/not compromised.


To unsubscribe e-mail to:
Posting guidelines + more:
List archive:
All messages sent to this list will be publicly archived and cannot be deleted


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.