[Cialug] red hat (potential) comprimise
Jeffrey Ollie
jeff at ocjtech.us
Sat Aug 23 16:04:45 CDT 2008
On Sat, Aug 23, 2008 at 11:49 AM, Barry Von Ahsen <barry at vonahsen.com> wrote:
> http://www.redhat.com/security/data/openssh-blacklist.html
>
> from TFA:
> "...we remain highly confident that our systems and processes prevented the
> intrusion from compromising RHN or the content distributed via RHN and
> accordingly believe that customers who keep their systems updated using Red
> Hat Network are not at risk. We are issuing this alert primarily for those
> who may obtain Red Hat binary packages via channels other than those of
> official Red Hat subscribers."
>
> (since I hadn't seen anything yet)
This also affected Fedora, although I haven't seen any specifics of
how the intrusion was accompished.
http://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html
I know the people that run the Fedora build systems and web servers
have spent some very long hours reinstalling everything from scratch.
It's a tribute to them (and the management systems that they've built
up) that they have been able accomplish that in a week.
--
Jeff
"You know, I used to think it was awful that life was so unfair. Then
I thought, wouldn't it be much worse if life were fair, and all the
terrible things that happen to us come because we actually deserve
them? So, now I take great comfort in the general hostility and
unfairness of the universe."
-- Marcus to Franklin in Babylon 5: "A Late Delivery from Avalon"
More information about the Cialug
mailing list