Linked by Adam S on Tue 26th Aug 2008 12:29 UTC, submitted by Hakime
Red Hat Linux distributor Red Hat has issued a statement (Ed: via their errata) revealing that its servers were illegally infiltrated by unknown intruders. According to the company, internal audits have confirmed that the integrity of the Red Hat Network software deployment system was not compromised. The community-driven Fedora project, which is sponsored by Red Hat, also fell victim to a similar attack. More news is available around the web.
Thread beginning with comment 327980
RE: Not entirely accurate
by Znark on Tue 26th Aug 2008 16:31 UTC in reply to "Not entirely accurate"

Actually, there were two separate attacks (although probably related) on the Red Hat and Fedora infrastructure servers. The Red Hat attacker was able to sign some openssh packages. My impression is that the intrusion was detected before the packages were pushed to users. But they did not compromise the private key since it is in a hardware device.

The Fedora attacker was not able to sign any packages but did potentially compromise the signing key so they generated a new one. In both cases, they shut down the update service until everything was fixed. They also forced all the Fedora contributors to generate new certificates and upload new SSH keys.
