Red Hat fesses up to Fedora FOSS security fiasco

Discussion in 'News' started by Kitkatninja, Aug 25, 2008.

  1. Kitkatninja
    Highly Decorated Member Award 500 Likes Award

    Kitkatninja aka me, myself & I Moderator

    11,143
    559
    383
    Aug 25, 2008 #1

    Red Hat fesses up to Fedora FOSS security fiasco



    A week or so ago, end users of the Linux-based Red Hat Fedora OS were warned to avoid downloading packages due to an "issue in the infrastructure systems" which waved big red flags suggesting a security breach to many industry observers. Now Fedora has admitted Red Hat OpenSSH packages were compromised by two separate server intrusions...

    It all started with a highly cryptic Fedora-Announce mailing list posting which stated that "The Fedora Infrastructure team is currently investigating an issue in the infrastructure systems. That process may result in service outages, for which we apologize in advance."

    Fair enough, that kind of thing happens, apology accepted. What was less acceptable was the bit which went on to say that "We’re still assessing the end-user impact of the situation, but as a precaution, we recommend you not download or update any additional packages on your Fedora systems."
    Now, most sane-brained people would read that and think 'avoid downloading packages on Fedora systems' + 'issue in the infrastructure systems' = SECURITY BREACH!

    Read here for the whole story.

    -Ken
     
    Certifications: MSc, PGDip, PGCert, BSc, HNC, LCGI, MBCS CITP, MCP, MCSA, MCSE, MCE, A+, N+, S+, Server+
    WIP: MSc Cyber Security
porta2_tags:

Comments

    Share This Page

Remove Advertisement - Premium Membership
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...