Backdoor inserted into Piwik
Backdoor inserted into Piwik
[Security] Posted Nov 27, 2012 15:38 UTC (Tue) by corbet
The Piwik web server analytics package was
given an undesirable feature — a backdoor — as the result of a
compromise of the piwik.org server. "You would be at risk only if you installed or updated to Piwik 1.9.2 on Nov 26th from 15:43 UTC to 23:59 UTC.
If you are not using 1.9.2, or if you have updated to 1.9.2 earlier than
Nov 26th 15:40 UTC or from Nov 27th, you should be safe.
" The
announcement has details on the backdoor and how to detect it.