libelektra.org compromised

what exactly happened and what does that mean for the debian repository and releases hosted on the server ?

It is yet unclear how exactly the breach happened. We only know that the container hosting libelektra.org suddenly started massive network scans.

Everything hosted on the server currently is not available. Backups exist of course. For releases the backups are also available online at https://github.com/ElektraInitiative/ftp/tree/master/releases

http://www.libelektra.org temporarily redirects to github (https unfortunately is not available). I updated the main README.md to give a notice about the current problem we have.

Sorry for all inconveniences. Please ask here if there are any further questions.

is there any chance that the packages hosted in the debian repository or release tarballs got compromised ?

The tar balls on the server: certainly there is a chance. But they are currently not provided.

Did you recently download the tar balls or debian packages and noticed something strange?

Hopefully we can use @BernhardDenner setup soon, or can someone provide a temporary setup to host the webpage done by @Namoshek?

@markus2330 I could provide a droplet on DigitalOcean as temporary solution. Just send me an SSH key per e-mail and I'll send you the login IP.

Thank you for the great offer! @BernhardDenner can choose, but maybe to directly deploy the website to its final place is less work overall with little difference in downtime.

You might redirect to Github pages in the meantime, just to inform people. https://pages.github.com/

Thank you for the input! Unfortunately I currently have poor or no Internet connection. Maybe @BernhardDenner can set something up?

@waht do you think we can relaunch with the new colors?

Sorry for the very long delay...

The Site is now back again. Hopefully, if found all subdomains and restored them ;)
Jenkins is also online again however, didn't check if it is still building stuff.
The REST backend/frontend are still offline, I'll check that in the next days.

I'm sure, there are lot of things I've overseen, so if you find broken links that worked before, please let me know.

@BernhardDenner Thank you for fixing the server!

The "jenkins build please" commands do not work yet. Probably a new auth token has to be created or maybe it's a Github setting.

Thanks for all your provided help! Looks much better now with the website up again!

Jenkins Github pull requests webhook now working again.

Please, improve your website's security by applying Security Content Headers to your webserver's configuration. It is fairly easy to implement and improves your website's security a lot!

You can see your current websites security level here. There is no need for HPKP. Just applying Content Headers will help a lot with XSS protection eg.

@BernhardDenner Thank you for fixing the hooks! Jenkins seems to have a problem tough:

[WARNINGS] Parsing warnings in console log with parser GNU C Compiler 4 (gcc)
Archiving artifacts
SSH: Connecting from host [debian-stable.mm.build.libelektra.org]
SSH: Connecting with configuration [doc.libelektra.org] ...
ERROR: Exception when publishing, exception message [Failed to connect session for config [doc.libelektra.org]. Message [java.net.ConnectException: Connection refused (Connection refused)]]
Build step 'Send build artifacts over SSH' changed build result to UNSTABLE
Adding one-line test results to commit status...
Setting status of 0bb8b5d934d7475668f592aa2805dd4018ac3f0e to FAILURE with url https://build.libelektra.org/job/elektra-mergerequests/2192/ and message: 'Build finished. No test results found.'
Using context: elektra-mergerequests
Finished: UNSTABLE

EDIT: this only occured in elektra-mergerequests, all of the other build jobs worked fine.

@tr37ion Thanks for your suggestion! Do you have some drop-in configs for apache2 to fix this? Please open a new issue for this.

I opened #1526 for tracking leftovers, with #1525 as most important one (backend of libelektra.org still down).

I think we can close this issue now? Please reopen if needed.