[CentOS] RH's servers breached
Scott Beardsley
scott at cse.ucdavis.eduFri Aug 22 17:59:40 UTC 2008
- Previous message: [CentOS] RH's servers breached
- Next message: [CentOS] RH's servers breached
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> What's the point on this for us, CentOS users ? I'd like to know if CentOS has been affected by RH's compromise. Can someone please comment? AFAIK, CentOS builds from RHEL SRPMs right? So as Rui mentioned the script that RH provided is useless. They do give the version info of the compromised packages: # The signed tampered packages were: # # openssh-3.9p1-8.RHEL4.24 for i386, x86_64 architecture # openssh-3.9p1-9.el4 for i386, x86_64 architecture # openssh-4.3p2-26 for x86_64 architecture # openssh-4.3p2-26.el5 for x86_64 architecture Of course I have all of these on my local CentOS mirror right now. It would be nice to know if I'm serving compromised packages. RH doesn't mention whether the SRPMs were compromised. If they were I suspect CentOS is affected also. Thanks in advance, Scott
- Previous message: [CentOS] RH's servers breached
- Next message: [CentOS] RH's servers breached
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list