Spot and I received some reports about the fedorproject.org site. We referred this to Red Hat's legal department, and they're looking into it. However, given the site's origin it may take a while to see any effects from that work.
What technical steps might we want to take with regard to this site in the meantime? I would feel comfortable with the Infrastructure team doing whatever they deem appropriate to protect our users or potential users, to whatever extent we can.
infrastructure@lists.fedoraproject.org