News [Linuxiac] Xubuntu Discloses October Download Site Compromise

[Rob]

Xubuntu confirms a malicious ZIP was served in October and is switching to the Hugo static site generator to prevent similar attacks.

Source: https://linuxiac.com/xubuntu-discloses-october-download-site-compromise/

 

[Trml]

The reaction time and post-mortem read great, but when I visit https://xubuntu.org today (Nov 19th, a month later) - I'm served with a

net::ERR_CERT_COMMON_NAME_INVALID

failure. That's not so great.

 

[Rob]

Sounds like they're moving it over today maybe and ironing out some issues We've had plenty of 'oops ssl cert' breaking things moments lol

 

[Trml]

Probably an issue while moving to github.io, yes. Moving out of the mothership is never easy, right. https://www.ssllabs.com/ssltest/ana...0c0:8001:0:0:0:0:153&ignoreMismatch=on&latest