[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: About the recent invasion



	Yes, but not that they 'attacked' Fedora infrastructure using a 'ssh
package' signed... there's still no info on how and who ;), just
'what' :)

	Regards
	Pablo


El mar, 16-09-2008 a las 07:48 -0300, Itamar - IspBrasil escribió:
> ele esta dizendo que o atacante conseguiu assinar alguns pacotes do ssh, 
> se estes pacotes fossem colocados na internet em algum mirror qualquer e 
> alguem fizesse um update e instalasse um destes pacotes a maquina 
> estaria hackeada.
> 
> :-)
> 
> 
> 
> On 9/16/2008 7:39 AM, Pablo Iranzo Gómez wrote:
> > 	Ola
> > 	The update came because it seems that 'atacker' was able to sign some
> > openssh packages. This update, as stated is provided just in case there
> > is someone not using RHN to get updated packages. Customers using RHN to
> > get updates were not afected. The errata also states that there's an
> > ongoing investigation.
> >
> > 	Regards
> > 	Pablo
> >    
> 
> 
> _______________________________________________
> Fedora-infrastructure-list mailing list
> Fedora-infrastructure-list redhat com
> https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
-- 

Pablo Iranzo Gómez (Pablo Iranzo redhat com)
RHCE/RHCSP/RHCSS Global Profesional Services Consultant Spain
Phone: +34 645 01 01 49 (CET/CEST)
GnuPG KeyID: 0xFAD3CF0D

--
Inscrita en el Reg. Mercantil de Madrid – C.I.F. B-82 65 79 41
Directores: Michael Cunningham, Charlie Peters y David Owens
Dirección Registrada: Red Hat S.L., C/ Velazquez 63, Madrid 28001, España
Dirección contacto: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, Planta 3ºD, 28016 Madrid, Spain


Attachment: signature.asc
Description: Esta parte del mensaje está firmada digitalmente


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]