From d047dbc3cae375526832970704515ca7305589d1 Mon Sep 17 00:00:00 2001 From: erciccione Date: Tue, 19 Nov 2019 18:09:50 +0100 Subject: [PATCH 1/2] Add blog post about compromised binaries --- .../2019-11-19-warning-compromised-binaries.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 _posts/2019-11-19-warning-compromised-binaries.md diff --git a/_posts/2019-11-19-warning-compromised-binaries.md b/_posts/2019-11-19-warning-compromised-binaries.md new file mode 100644 index 00000000..1959bc02 --- /dev/null +++ b/_posts/2019-11-19-warning-compromised-binaries.md 
@@ -0,0 +1,17 @@ +--- +layout: post +title: "Warning: The binaries of the CLI wallet were compromised for abut 35 minutes" +summary: The binaries available on this website were compromised for a brief time +tags: [announcements] +author: ErCiccione +--- + +Yesterday [a GitHub issue about mismatching hashes coming from this website](https://github.com/monero-project/monero/issues/6151) was opened. A quick investigation found out that the binaries of the CLI wallet had been compromised and a malicious version was being served. It was quickly fixed, which means the conpromised binaries were online for only 35 minutes. The binaries are now served from another, safe, source. [See the reddit post by core team member binaryfate](https://www.reddit.com/r/Monero/comments/dyfozs/security_warning_cli_binaries_available_on/) + +It's strongly racommannded to anyone who downloaded the CLI wallet from this website between Monday 19th and tuesday 20th, to check the hashes of their binaries, if they don't match the official ones delete the files and download them again. Do not run the compromised binaries for any reason!. + +We have two guides available to help users check the autenticity of their binaries: Verify binaries on Windows (beginner) and Verify binaries on Linux, Mac, or Windows command line (advanced). Signed hashed can be found here: https://web.getmonero.org/downloads/hashes.txt. + +The situations is being investigated and updates will be provided soon. + +The Monero community From bad2fc789da9e2d5d8d1289318fba29994e38489 Mon Sep 17 00:00:00 2001 From: erciccione Date: Tue, 19 Nov 2019 18:10:06 +0100 Subject: [PATCH 2/2] Add 'Warning' banner with text about compromised binaries --- _includes/warning.html | 7 +++++++ _layouts/base.html | 1 + _posts/2019-11-19-warning-compromised-binaries.md | 12 ++++++------ 3 files changed, 14 insertions(+), 6 deletions(-) create mode 100644 _includes/warning.html 
diff --git a/_includes/warning.html b/_includes/warning.html new file mode 100644 index 00000000..60892ded --- /dev/null +++ b/_includes/warning.html @@ -0,0 +1,7 @@ +
+ +
+

Warning: The binaries listed on this page were compromised for a short time. Users are suggested to take action. Please click here for details.

+
+ + diff --git a/_layouts/base.html b/_layouts/base.html index da72e2fb..961da791 100644 --- a/_layouts/base.html +++ b/_layouts/base.html @@ -4,6 +4,7 @@ {% include head.html %} + {% include warning.html %}
{% include header.html %} {{content}} diff --git a/_posts/2019-11-19-warning-compromised-binaries.md b/_posts/2019-11-19-warning-compromised-binaries.md index 1959bc02..42e0e542 100644 --- a/_posts/2019-11-19-warning-compromised-binaries.md +++ b/_posts/2019-11-19-warning-compromised-binaries.md 
@@ -1,17 +1,17 @@ --- layout: post -title: "Warning: The binaries of the CLI wallet were compromised for abut 35 minutes" -summary: The binaries available on this website were compromised for a brief time +title: "Warning: The binaries of the CLI wallet were compromised for a short time" +summary: The binaries available on this website were compromised for a short time tags: [announcements] author: ErCiccione --- -Yesterday [a GitHub issue about mismatching hashes coming from this website](https://github.com/monero-project/monero/issues/6151) was opened. A quick investigation found out that the binaries of the CLI wallet had been compromised and a malicious version was being served. It was quickly fixed, which means the conpromised binaries were online for only 35 minutes. The binaries are now served from another, safe, source. [See the reddit post by core team member binaryfate](https://www.reddit.com/r/Monero/comments/dyfozs/security_warning_cli_binaries_available_on/) +Yesterday [a GitHub issue about mismatching hashes coming from this website](https://github.com/monero-project/monero/issues/6151) was opened. A quick investigation found that the binaries of the CLI wallet had been compromised and a malicious version was being served. The problem was immediately fixed, which means the compromised files were online for a very short amount of time. The binaries are now served from another, safe, source. [See the reddit post by core team member binaryfate](https://www.reddit.com/r/Monero/comments/dyfozs/security_warning_cli_binaries_available_on/). -It's strongly racommannded to anyone who downloaded the CLI wallet from this website between Monday 19th and tuesday 20th, to check the hashes of their binaries, if they don't match the official ones delete the files and download them again. Do not run the compromised binaries for any reason!. 
+It's strongly recommended to anyone who downloaded the CLI wallet from this website between Monday 18th 2:30 AM UTC and 4:30 PM UTC, to check the hashes of their binaries. If they don't match the official ones, delete the files and download them again. Do not run the compromised binaries for any reason. -We have two guides available to help users check the autenticity of their binaries: Verify binaries on Windows (beginner) and Verify binaries on Linux, Mac, or Windows command line (advanced). Signed hashed can be found here: https://web.getmonero.org/downloads/hashes.txt. +We have two guides available to help users check the authenticity of their binaries: Verify binaries on Windows (beginner) and Verify binaries on Linux, Mac, or Windows command line (advanced). Signed hashes can be found here: https://getmonero.org/downloads/hashes.txt. -The situations is being investigated and updates will be provided soon. +The situation is being investigated and updates will be provided soon. The Monero community
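Review bot: In [PATCH 1/2], the download window in the new post reads "between Monday 19th and tuesday 20th", which does not fit a commit dated Tue, 19 Nov 2019 and a first paragraph that says the issue was opened "Yesterday". The same hunk carries several misspellings ("abut", "conpromised", "racommannded", "autenticity", "Signed hashed", "The situations"). All of these lines are rewritten in [PATCH 2/2], so squash the two commits and the history never contains an advisory with a wrong exposure window.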
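Review bot: In _includes/warning.html, the banner sentence "Users are suggested to take action" does not say which action, and the link text is "click here". Name the action in the banner itself, for example that anyone who downloaded the CLI wallet should check the hashes of their binaries, and use the post title as the link text so the banner is still meaningful when read out of context.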
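Review bot: In _layouts/base.html, the include of warning.html is added with no condition, so the banner renders on every page that uses this layout, while its text says "The binaries listed on this page". Either reword the banner to "the binaries available on this website", matching the post's summary line, or wrap the include in a condition so it appears only where downloads are listed.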
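Review bot: In the [PATCH 2/2] rewrite of the post, the third paragraph sends readers to "Signed hashes" at https://getmonero.org/downloads/hashes.txt but never tells them to verify the signature on that file before comparing hashes. The link is on the project's own domain, and the post is about files served from the project's website being replaced, so a hash comparison alone proves little. Add a sentence saying that the signature on hashes.txt must be checked first, as the two linked guides presumably describe. Separately, in the second paragraph, "between Monday 18th 2:30 AM UTC and 4:30 PM UTC" has no month or year, and that 14-hour window sits beside "a very short amount of time" where [PATCH 1/2] said 35 minutes. Give the full date and say how the window relates to the time the files were actually served.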