Linked by Adam S on Tue 26th Aug 2008 12:29 UTC, submitted by Hakime
Linux distributor Red Hat has issued a statement (Ed: via their errata) revealing that its servers were illegally infiltrated by unknown intruders. According to the company, internal audits have confirmed that the integrity of the Red Hat Network software deployment system was not compromised. The community-driven Fedora project, which is sponsored by Red Hat, also fell victim to a similar attack. More news is available around the web.
Is pretty accurate
by libray on Tue 26th Aug 2008 15:17 UTC

"Last week Red Hat detected an intrusion on certain of its computer systems and took immediate action."

"the intruder was able to sign a small number of OpenSSH packages"

If an outsider is able to gain Red Hat's signing authority, then there is something wrong about how and where such critical data is stored there. Red Hat also mixes in a separate security fix in this errata to make the break-in and internal problem seem trivial.