Linked by Thom Holwerda on Wed 16th Dec 2009 21:38 UTC, submitted by whorider
Privacy, Security, Encryption This news is already a week old, but it only got submitted to us today, and I didn't notice it all. As it turns out, two malicious software packages had been uploaded to, masquerading as valid .deb packages (a GNOME screensaver and theme, respectively).
Thread beginning with comment 400105
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[4]: Bottom Line - Red Hat
by jabbotts on Thu 17th Dec 2009 15:06 UTC in reply to "RE[3]: Bottom Line"
Member since:

I believe it was Red Hat's repositories that where breached a year or two ago. The cause was a config error which allowed someone to push modified .rpm into some of the repository mirrors. I believe it was caught quickly and was due to a config error rather software flaws. It also doesn't mean all repositories are wide open. The repository should be the safest source for packages but one should still remain aware of what they are doing.

Reply Parent Score: 3