[ale] Recent events with RH/Fedora servers.

Jeff Lightner jlightner at water.com
Tue Sep 2 14:54:52 EDT 2008 

Also the official notice I got said they think it only affected some
RHEL4 and RHEL5 - it didn't mention Fedora but then it again RHN alerts
are aimed at RHEL subscribers so they might have just left it out.

 

The link for this on RedHat's site is:

http://www.redhat.com/security/data/openssh-blacklist.html

 

There is another link on RHN itself but you need a login to access the
other one.

 

In the above link (and alert I got) it says in part:

 

"we remain highly confident that our systems and processes prevented the
intrusion from compromising RHN or the content distributed via RHN and
accordingly believe that customers who keep their systems updated using
Red Hat Network are not at risk"

 

It was that statement that led me to believe no one using RHN would have
been affected.

 

________________________________

From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Jim
Kinney
Sent: Tuesday, September 02, 2008 2:40 PM
To: ale at ale.org
Subject: Re: [ale] Recent events with RH/Fedora servers.

 

 

On Tue, Sep 2, 2008 at 2:24 PM, Scott Castaline <hscast at charter.net>
wrote:

Ok, at the risk of sounding totally ignorant, does that mean any Fedora
9 install images that I downloaded during the time in question should be
considered unsafe and immediately destroyed to oblivion, or can they be
considered safe? Also any installs that may have been down with the
original F 9 release images are the massive amounts of updates
considered hazardous to my health?

The disk ISO's are ok as they were installed many months earlier. The
problem affects the update to ssh. As long as you do an update now, you
will get the new, clean ssh binaries.


-- 
-- 
James P. Kinney III
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20080902/db7592d0/attachment-0001.html

More information about the Ale mailing list