Fedora confirms: Our servers were breached

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Fedora confirms: Our servers were breached
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Fri, 22 Aug 2008 17:41:59 +0300 (EEST)
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

New information about the "important infrastructure issue" affecting to Fedora 
Project has been released today.

Mr. Paul W. Frields, Fedora Project Leader has posted an announcement about the 
facts, including:

"One of the compromised Fedora servers was a system used for signing Fedora 
packages."

More information available at
https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html
and
http://blogs.securiteam.com/index.php/archives/1130

Juha-Matti

Follow-Ups:
- Re: Fedora confirms: Our servers were breached
  - From: Dragos Ruiu

Prev by Date: Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln
Next by Date: Re: Null Byte Local file Inclusion in FAR - PHP Project version:1.0
Previous by thread: Apple OSX Leopard (10.5+), inadequate ACL insight can create vuln
Next by thread: Re: Fedora confirms: Our servers were breached
Index(es):
- Date
- Thread