[plug] [joey at infodrom.org: Some Debian Project machines have been compromised]
Chris Caston
caston at arach.net.au
Fri Nov 21 21:19:02 WST 2003
No wonder it was down!
!?!?
So what all are boxes are owned now?
So why aren't the updates signed?
regards,
Chris
On Fri, 2003-11-21 at 20:31, Trent Lloyd wrote:
> ----- Forwarded message from Martin Schulze <joey at infodrom.org> -----
>
> Delivered-To: trent at ucc.gu.uwa.edu.au
> Old-Return-Path: <joey at infodrom.org>
> Date: Fri, 21 Nov 2003 11:46:19 +0100
> From: Martin Schulze <joey at infodrom.org>
> To: Debian Announcements <debian-announce at lists.debian.org>
> Subject: Some Debian Project machines have been compromised
> User-Agent: Mutt/1.5.4i
> Resent-Message-ID: <M6ofX.A.GeE.nHfv_ at murphy>
> Resent-From: debian-announce at lists.debian.org
> X-Mailing-List: <debian-announce at lists.debian.org> archive/latest/81
> X-Loop: debian-announce at lists.debian.org
> List-Id: <debian-announce.lists.debian.org>
> List-Post: <mailto:debian-announce at lists.debian.org>
> List-Help: <mailto:debian-announce-request at lists.debian.org?subject=help>
> List-Subscribe: <mailto:debian-announce-request at lists.debian.org?subject=subscribe>
> List-Unsubscribe: <mailto:debian-announce-request at lists.debian.org?subject=unsubscribe>
> List-Archive: <http://lists.debian.org/debian-announce/>
> Precedence: list
> Resent-Sender: debian-announce-request at lists.debian.org
> Resent-Date: Fri, 21 Nov 2003 05:07:19 -0600 (CST)
> X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on
> mooneye.ucc.gu.uwa.edu.au
> X-Spam-Level:
> X-Spam-Status: No, hits=-4.9 required=5.0 tests=BAYES_00 autolearn=no
> version=2.60
>
> ------------------------------------------------------------------------
> The Debian Project http://www.debian.org/
> Some Debian Project machines compromised press at debian.org
> November 21st, 2003
> ------------------------------------------------------------------------
>
> Some Debian Project machines have been compromised
>
> This is a very unfortunate incident to report about. Some Debian
> servers were found to have been compromised in the last 24 hours.
>
> The archive is not affected by this compromise!
>
> In particular the following machines have been affected:
>
> . master (Bug Tracking System)
> . murphy (mailing lists)
> . gluck (web, cvs)
> . klecker (security, non-us, web search, www-master)
>
> Some of these services are currently not available as the machines
> undergo close inspection. Some services have been moved to other
> machines (www.debian.org for example).
>
> The security archive will be verified from trusted sources before it
> will become available again.
>
> Please note that we have recently prepared a new point release for
> Debian GNU/Linux 3.0 (woody), release 3.0r2. While it has not been
> announced yet, it has been pushed to our mirrors already. The
> announcement was scheduled for this morning but had to be postponed.
> This update has now been checked and it is not affected by the
> compromise.
>
> We apologise for the disruptions of some services over the next few
> days. We are working on restoring the services and verifying the
> content of our archives.
>
>
> Contact Information
> -------------------
>
> For further information, please visit the Debian web pages at
> <http://www.debian.org/> or contact <press at debian.org>.
>
_______________________________________________
plug mailing list
plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug
More information about the plug
mailing list