[Gimp-developer] Bogus/corrupted GIMP 2.6.2 distribution file
David Evans
devans at macports.org
Fri Oct 31 12:22:18 PDT 2008
As the current maintainer for GIMP on MacPorts, I wanted to report that
we had an incident this morning where the file checksums (md5, sha1,
rmd160) for the new 2.6.2 gimp distribution on one of the GIMP mirrors
http://gimp.site2nd.org/v2.6/
failed to match those of the official GIMP site and the other mirrors for that
matter.[1]
The offending site has been removed from our list of GIMP mirrors but I thought
that someone in the GIMP developer community might want to know about it
as it could represent a possible attack.
Hope this is the right forum for this.
[1] http://trac.macports.org/ticket/17057
More information about the Gimp-developer
mailing list