<div dir="ltr">My understanding is Fedora found evidence of unauthorized access but no evidence of that access being used. The changing of their package signing keys is a precautionary measure.<br><br>The RedHat unauthorized access did involve malicious activity which changed the openssh binaries on an unspecified number of RHN servers. Currently, RedHat has not released a change in signing keys, which indicates that either the binaries were not signed (and thus would not be loadable in a properly configured RedHat system) or the signature is invalid (thus again not affecting a properly installed RedHat - or CentOS - server). There is an outside chance that RedHat's signing key was stolen and they have not revealed that, but given the history of RedHat and their openness in general, I currently do not think the key has been compromised. <br>
<br><div class="gmail_quote">On Fri, Aug 22, 2008 at 5:31 PM, <span dir="ltr"><<a href="mailto:hscast@charter.net">hscast@charter.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div></div><div class="Wj3C7c"><br>
---- Jim Kinney <<a href="mailto:jim.kinney@gmail.com">jim.kinney@gmail.com</a>> wrote:<br>
> A very distressing announcement.<br>
> Be aware that this impacts CentOS servers as well. They have posted notice<br>
> <a href="http://lists.centos.org/pipermail/centos-announce/2008-August/015193.html" target="_blank">http://lists.centos.org/pipermail/centos-announce/2008-August/015193.html</a><br>
> <a href="http://lists.centos.org/pipermail/centos-announce/2008-August/015194.html" target="_blank">http://lists.centos.org/pipermail/centos-announce/2008-August/015194.html</a><br>
> of the updated openssh packages to re-secure the repositories.<br>
><br>
> On Fri, Aug 22, 2008 at 3:04 PM, Bob Toxen <<a href="mailto:transam@verysecurelinux.com">transam@verysecurelinux.com</a>>wrote:<br>
><br>
> > "In an email sent to the fedora-announce mailing list, it has been<br>
> > revealed that both Fedora and Red Hat servers have been compromised<br>
> > <<br>
> > <a href="https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html" target="_blank">https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html</a>><br>
> > .<br>
> > As a result Fedora is changing their package signing key. Red<br>
> > Hat has released a security advisory<br>
> > <<a href="https://rhn.redhat.com/errata/RHSA-2008-0855.html" target="_blank">https://rhn.redhat.com/errata/RHSA-2008-0855.html</a>> and a script to<br>
> > detect potentially compromised openssh packages<br>
> > <<a href="http://www.redhat.com/security/data/openssh-blacklist.html" target="_blank">http://www.redhat.com/security/data/openssh-blacklist.html</a>> ."<br>
> ><br>
> ><br>
> > Anyone running a Fedora or Red Hat Enterprise system where RPMs may have<br>
> > been<br>
> > installed recently, either automatically or manually, is at risk and should<br>
> > download Red Hat's tool to check for compromised RPMs.<br>
> ><br>
> > No doubt Microsoft will try to hype this. Remember that Microsoft is<br>
> > forced<br>
> > to provide a patch for the equivalent of a remote root vulnerability that<br>
> > affects MOST<br>
> > customers almost weekly, in our opinion.<br>
> ><br>
> > This appears to be a fault in System Administration by Red Hat rather than<br>
> > a security bug in Linux, though not all the facts are in at this time.<br>
> ><br>
> > Linux still is far more secure and reliable than Microsoft.<br>
> ><br>
> > Bob Toxen<br>
> > <a href="mailto:bob@verysecurelinux.com">bob@verysecurelinux.com</a> [Please use for email to me]<br>
> > _______________________________________________<br>
> > Ale mailing list<br>
> > <a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
> > <a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
> ><br>
><br>
><br>
><br>
> --<br>
> --<br>
> James P. Kinney III<br>
</div></div>Am I understanding this correctly, that the software used for updates may be contaminated as well? I am currently experiencing weird problems like things disappearing, unable to launch apps and now I can't login, oh also the gdm screen has gone black with just the login box. Running Fedora 9 or trying to. It's a little confusing right now since I also have new hardware, all at the same time.<br>
</blockquote></div><br><br clear="all"><br>-- <br>-- <br>James P. Kinney III <br><br>
</div>
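The reply at the top of this thread reasons about unsigned or wrongly signed openssh packages; the following added example (not part of the original thread, and not Red Hat's detection script) shows one way to list installed packages whose recorded signing key is missing or not on a trusted list. The key IDs, package names and sample lines are constructed placeholders, and the `rpm` query in the comment is an assumption about how the input would be produced on an rpm-based host.

```sh
#!/bin/sh
# Classify packages by the signing key ID recorded in the rpm database.
# Input: "<package>|<signature description>" lines, e.g. (on an rpm-based host):
#   rpm -qa --qf '%{NAME}-%{VERSION}-%{RELEASE}|%{SIGPGP:pgpsig}%{SIGGPG:pgpsig}\n' 'openssh*'
# This reports who signed each package; it does not re-verify the signature.

# Constructed placeholder: replace with the key IDs of the vendor keys you trust.
TRUSTED_KEY_IDS="00000000aaaaaaaa"

audit_signatures() {
    # Reads "pkg|sig" lines on stdin, prints "STATUS pkg [keyid]" per line.
    while IFS='|' read -r pkg sig; do
        if [ -z "$pkg" ]; then continue; fi
        case "$sig" in
            *"Key ID "*)
                keyid=$(printf '%s\n' "$sig" |
                    sed 's/.*Key ID \([0-9A-Fa-f]\{1,\}\).*/\1/' | tr 'A-F' 'a-f')
                status=UNTRUSTED
                for k in $TRUSTED_KEY_IDS; do
                    if [ "$k" = "$keyid" ]; then status=OK; fi
                done
                echo "$status $pkg $keyid" ;;
            *)
                # No key ID recorded at all, e.g. "(none)".
                echo "UNSIGNED $pkg" ;;
        esac
    done
}

# Constructed sample input in the format described above.
sample_rpm_output() {
    cat <<'EOF'
openssh-5.0p1-1.example|DSA/SHA1, Tue 01 Jan 2008 12:00:00 PM EST, Key ID 00000000aaaaaaaa
openssh-server-5.0p1-1.example|DSA/SHA1, Tue 01 Jan 2008 12:00:00 PM EST, Key ID 00000000BBBBBBBB
openssh-clients-5.0p1-1.example|(none)
EOF
}

# Only the packages that need a closer look (anything not signed by a trusted key).
suspect_packages() {
    audit_signatures | grep -v '^OK ' || true
}

sample_rpm_output | suspect_packages
```

A package flagged here still needs its signature checked against the package file itself (for example with `rpm -K`), since the database only records which key ID was seen at install time.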