funsec mailing list archives

Re: Fedora confirms: Our servers were breached

From: Valdis.Kletnieks () vt edu
Date: Fri, 22 Aug 2008 12:10:55 -0400

On Fri, 22 Aug 2008 11:51:02 EDT, Larry Seltzer said:

...based on our efforts, we have high confidence
that the intruder was not able to capture the passphrase used to secure
the Fedora package signing key.

         ^^^^^^

number of OpenSSH packages relating only to Red Hat Enterprise Linux 4 
(i386 and x86_64 architectures only) and Red Hat Enterprise Linux 5

                                              ^^^^^^^^^^^^^^^^^^^^^^^^

Is there a subtle distinction I'm missing here?


Yes, the fact that Fedora isn't RHEL.

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Fedora confirms: Our servers were breached Juha-Matti Laurio (Aug 22)
- Re: Fedora confirms: Our servers were breached Larry Seltzer (Aug 22)
  - Re: Fedora confirms: Our servers were breached Valdis . Kletnieks (Aug 22)
    - Re: Fedora confirms: Our servers were breached Larry Seltzer (Aug 22)
    - Re: Fedora confirms: Our servers were breached Valdis . Kletnieks (Aug 22)
  - Re: Fedora confirms: Our servers were breached Dragos Ruiu (Aug 22)
    - Re: Fedora confirms: Our servers were breached Larry Seltzer (Aug 22)