Dailydave mailing list archives
Situation remains cloudy.
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 22 Aug 2008 10:05:21 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ok, so to sum up the two emails below: 1. Fedora's package signing box was compromised by unknown parties. Fedora does not think the key's passphrase was compromised however. They are changing their keys. 2. RedHat's package signing key was used to sign trojaned OpenSSH packages. RedHat does not think these were distributed via the Red Hat Network auto-update service. http://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html http://rhn.redhat.com/errata/RHSA-2008-0855.html - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIrsehtehAhL0gheoRAkuqAJ4mvzv4G4ecq0lhqkBVrZLzvO5mAACfVwIc Q4GJxw1kSvTKUMXlYsNfOWo= =X5qc -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Situation remains cloudy. Dave Aitel (Aug 22)
- Re: Situation remains cloudy. BCreitz (Aug 22)