funsec mailing list archives
Re: Fedora confirms: Our servers were breached
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Fri, 22 Aug 2008 12:25:38 -0400
Yes, the fact that Fedora isn't RHEL.
OK, thanks, I see that. Let me get something straight here:
... the intruder was able to sign a small number of OpenSSH packages
relating only to Red Hat Enterprise Linux... So the suspicion is that the intruder inserted malicious code (or maybe the Debian random number generator?) into the packages and signed them? Is anyone else as appalled by this as I am? Has there been such a compromise of a major OS before? I also have to say that this is the first I've heard that RH and/or Fedora sign their distribution packages. Is this common among Linux distros? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com -----Original Message----- From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] Sent: Friday, August 22, 2008 12:11 PM To: Larry Seltzer Cc: Juha-Matti Laurio; funsec () linuxbox org Subject: Re: [funsec] Fedora confirms: Our servers were breached On Fri, 22 Aug 2008 11:51:02 EDT, Larry Seltzer said:
...based on our efforts, we have high confidence that the intruder was not able to capture the passphrase used to secure the Fedora package signing key.
^^^^^^
number of OpenSSH packages relating only to Red Hat Enterprise Linux 4 (i386 and x86_64 architectures only) and Red Hat Enterprise Linux 5
^^^^^^^^^^^^^^^^^^^^^^^^
Is there a subtle distinction I'm missing here?
Yes, the fact that Fedora isn't RHEL. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Fedora confirms: Our servers were breached Juha-Matti Laurio (Aug 22)
- Re: Fedora confirms: Our servers were breached Larry Seltzer (Aug 22)
- Re: Fedora confirms: Our servers were breached Valdis . Kletnieks (Aug 22)
- Re: Fedora confirms: Our servers were breached Larry Seltzer (Aug 22)
- Re: Fedora confirms: Our servers were breached Valdis . Kletnieks (Aug 22)
- Re: Fedora confirms: Our servers were breached Valdis . Kletnieks (Aug 22)
- Re: Fedora confirms: Our servers were breached Dragos Ruiu (Aug 22)
- Re: Fedora confirms: Our servers were breached Larry Seltzer (Aug 22)
- Re: Fedora confirms: Our servers were breached Larry Seltzer (Aug 22)