[CentOS] RH's servers breached

Fri Aug 22 21:29:41 UTC 2008
Lance Davis <lance at centos.org>

On Fri, 22 Aug 2008, Paul Norton wrote:

> On Aug 22, 2008, at 12:25 PM, Jim Perrin wrote:
>
>> Russ has posted some information about this to planet.centos.org, but
>> basically at this point it does not appear to affect the CentOS
>> population. Karanbir has been crawling through the build system to
>> verify this, and we may release an announcement about this later.
>
> I see an announcement for the packages on the announce list, but no more 
> informamtion anywhere from the CentOS team (Planet or ML).  Are these 
> packages "just to be safe" or was there something actually found?

We have released updated packages because updated packages have been 
released upstream.

We have no reason to believe that any CentOS servers, packages or 
keys have been compromised.

We have been completing a full audit of our build systems that has so 
far not shown any evidence of any issues.

Regards
Lance

-- 
uklinux.net -
The ISP of choice for the discerning Linux user.