full-disclosure-uk August 2008 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Fedora confirms: Our s

Re: [Full-disclosure] Fedora confirms: Our servers were breached

From: Dragos Ruiu <dr_at_nospam>
Date: Fri Aug 22 2008 - 20:25:41 GMT
To: Juha-Matti Laurio <juha-matti.laurio@netti.fi>

On 22-Aug-08, at 7:41 AM, Juha-Matti Laurio wrote:
> New information about the "important infrastructure issue" affecting
> to Fedora Project has been released today.
> Mr. Paul W. Frields, Fedora Project Leader has posted an
> announcement about the facts, including:
> "One of the compromised Fedora servers was a system used for signing
> Fedora packages."
> More information available at
> https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html
> and
> http://blogs.securiteam.com/index.php/archives/1130

It's ok, only a small number of architectures were affected:

http://rhn.redhat.com/errata/RHSA-2008-0855.html

You only have something to worry about if you have some x86 boxes. :-)

cheers,
--dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Buenos Aires, Argentina Sept. 30 / Oct. 1 - 2008 http://ba-con.com.ar Tokyo, Japan November 12/13 2008 http://pacsec.jp Vancouver, Canada March 16-20 2009 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/