Language Selection

English French German Italian Portuguese Spanish

Red Hat Infrastructure report

Filed under
Linux
Security

Last week we discovered that some Fedora servers were illegally
accessed. The intrusion into the servers was quickly discovered, and the
servers were taken offline.

Security specialists and administrators have been working since then to
analyze the intrusion and the extent of the compromise as well as
reinstall Fedora systems. We are using the requisite outages as an
opportunity to do other upgrades for the sake of functionality as well
as security. Work is ongoing, so please be patient. Anyone with
pertinent information relating to this event is asked to contact
fedora-legal redhat com

One of the compromised Fedora servers was a system used for signing
Fedora packages. However, based on our efforts, we have high confidence
that the intruder was not able to capture the passphrase used to secure
the Fedora package signing key. Based on our review to date, the
passphrase was not used during the time of the intrusion on the system
and the passphrase is not stored on any of the Fedora servers.

While there is no definitive evidence that the Fedora key has been
compromised, because Fedora packages are distributed via multiple
third-party mirrors and repositories, we have decided to convert to new
Fedora signing keys. This may require affirmative steps from every
Fedora system owner or administrator. We will widely and clearly
communicate any such steps to help users when available.

More Here




Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Papyros Is a Linux OS That Follows Google's Material Design and It Looks Stunning

Papyros is a new Linux distribution in the making that will use the Material Design style from Google. There is nothing to test so far, but the progress made by the developers is impressive and it's very likely that this will become one of the most interesting distros available. Read more

Variety Review – A Wallpaper Manager You Didn't Know You Wanted

Variety is an application that manages your wallpapers and is open source. You might ask, what's so special about that? Well, the truth is that you don't know you want one until you've actually tried it. Read more

DNF Plugins Extend The Functionality Of Fedora's Yum Successor

With the upcoming Fedora 22 release due out in May, DNF is positioned to replace Yum as the default package manager. While there's been many DNF articles on Phoronix in past months, one of the aspects not covered much to this point is the dnf-plugins-extra package that's in its very early stages. Version 0.0.3 of dnf-plugins-extras was released today as a collection of DNF plugins done by the community. Read more

CoreOS Releases Building Block For Distributed Systems

Hyperscale Linux operating system specialist CoreOS said it is releasing its latest open source component for sharing and managing configuration data and other functions used in distributed systems. San Francisco-based CoreOS announced its first stable release of etcd, or “etc distributed,” an open-source distributed key value store that provides the backbone of CoreOS clusters and the etcd clients that run on each machine in a cluster. “Our goal with etcd has been to make building and using distributed systems easier,” CoreOS CTO Brandon Philips said Wednesday (January 28) in announcing the release. Read more