[funsec] Fedora confirms: Our servers were breached

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Fri Aug 22 11:10:55 CDT 2008


On Fri, 22 Aug 2008 11:51:02 EDT, Larry Seltzer said:

> >> ...based on our efforts, we have high confidence
> >> that the intruder was not able to capture the passphrase used to secure
> >> the Fedora package signing key.
         ^^^^^^
> >> number of OpenSSH packages relating only to Red Hat Enterprise Linux 4 
> >> (i386 and x86_64 architectures only) and Red Hat Enterprise Linux 5
                                              ^^^^^^^^^^^^^^^^^^^^^^^^
> Is there a subtle distinction I'm missing here?

Yes, the fact that Fedora isn't RHEL.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://linuxbox.org/pipermail/funsec/attachments/20080822/405ca1a1/attachment.pgp 


More information about the funsec mailing list