Yes, but not that they 'attacked' Fedora infrastructure using a 'ssh package' signed... there's still no info on how and who ;), just 'what' :) Regards Pablo El mar, 16-09-2008 a las 07:48 -0300, Itamar - IspBrasil escribió: > ele esta dizendo que o atacante conseguiu assinar alguns pacotes do ssh, > se estes pacotes fossem colocados na internet em algum mirror qualquer e > alguem fizesse um update e instalasse um destes pacotes a maquina > estaria hackeada. > > :-) > > > > On 9/16/2008 7:39 AM, Pablo Iranzo Gómez wrote: > > Ola > > The update came because it seems that 'atacker' was able to sign some > > openssh packages. This update, as stated is provided just in case there > > is someone not using RHN to get updated packages. Customers using RHN to > > get updates were not afected. The errata also states that there's an > > ongoing investigation. > > > > Regards > > Pablo > > > > > _______________________________________________ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list -- Pablo Iranzo Gómez (Pablo.Iranzo@xxxxxxxxxx) RHCE/RHCSP/RHCSS Global Profesional Services Consultant Spain Phone: +34 645 01 01 49 (CET/CEST) GnuPG KeyID: 0xFAD3CF0D -- Inscrita en el Reg. Mercantil de Madrid – C.I.F. B-82 65 79 41 Directores: Michael Cunningham, Charlie Peters y David Owens Dirección Registrada: Red Hat S.L., C/ Velazquez 63, Madrid 28001, España Dirección contacto: C/Jose Bardasano Baos, 9, Edif. Gorbea 3, Planta 3ºD, 28016 Madrid, Spain
Attachment:
signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada digitalmente
_______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
