Conversation

LineageOS

@LineageAndroid

Around 8PM PST on May 2nd, 2020 an attacker used a CVE in our saltstack master to gain access to our infrastructure. We are able to verify that: - Signing keys are unaffected. - Builds are unaffected. - Source code is unaffected. See http://status.lineageos.org for more info.

5:41 AM · May 3, 2020·TweetDeck

184

Retweets

27

Quote Tweets

586

Likes

𝗳𝗮𝘁𝘁𝗶𝗿𝗲

@fat__tire

·

May 3, 2020

Replying to

@LineageAndroid

Good you caught it quickly.

21

Birpal Singh Bhinder

@VeeruBhinder

·

May 3, 2020

Replying to

@LineageAndroid

Good work. Keep it up. We trust you.

A N B U

@idoiticanbu

·

May 3, 2020

Replying to

@LineageAndroid

First provide proper working build (Moto one power) . Why you guys approving the build

1

Jared Tamana

@JaredTamana

·

May 4, 2020

You need a dev before anything else. The Lineage official maintainer docs are very clearly laid out. Maybe show a bit more respect for this breach they stopped.

3

Jürgen Brunk (Jay)

@jubrunk

·

May 3, 2020

Replying to

@LineageAndroid

@awlnx

Saltstack Master 🙈🤪

1

awlnx

@awlnx

·

May 3, 2020

I know, the CVE ;). Frage ist, wieso war der Public erreichbar? Und war da Autosigning an?

2

5

Show replies

sainath.mamillapalli

@m_sainath851

·

May 3, 2020

Replying to

@LineageAndroid

Please try to give support to lumia devices, for android

3

1

Juho Yliriesto

@JuhoYliriesto

·

May 3, 2020

Lumia devices work as boat anchors 😆

4

Flo

@FloJoSchlo

·

May 3, 2020

Replying to

@LineageAndroid

I don't get why people do this kind of stuff. Just plain vandalism.

1

10

Yassine Oudjana

@y_oudjana

·

Jun 27, 2020

They might want to replace builds with malware-infested ones and be able to do bad stuff in the phones they get installed on

1