This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ncc-announce@ripe.net/
[ncc-announce] [Service] Resolved Security Issue in LIR Portal
- Previous message (by thread): [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
- Next message (by thread): [ncc-announce] [training] RIPE NCC Webinars
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ivo Dijkhuis
ivo.dijkhuis at ripe.net
Fri Jan 23 16:56:34 CET 2015
Dear colleagues, A security issue in the RIPE NCC LIR Portal was reported to us on Monday, 19 January 2015. This issue allowed authenticated LIR Portal users to potentially access the invoices of other RIPE NCC members. Our investigation has shown that the issue was introduced on Monday morning, the same day it was discovered. A fix for this issue was deployed on Wednesday, 21 January 2015. We found no evidence that the issue was abused. No action is required from LIR Portal users. Measures have been taken to improve our internal software development processes with regard to security. We would like to thank Marco Näf, the RIPE NCC member who reported this issue, allowing us to resolve this issue quickly. Kind regards, Ivo Dijkhuis Information Security Officer RIPE NCC
- Previous message (by thread): [ncc-announce] [news] RIPE NCC website becoming HTTPS-only
- Next message (by thread): [ncc-announce] [training] RIPE NCC Webinars
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]