Language Selection

English French German Italian Portuguese Spanish

Red Hat Infrastructure report

Filed under
Linux
Security

Last week we discovered that some Fedora servers were illegally
accessed. The intrusion into the servers was quickly discovered, and the
servers were taken offline.

Security specialists and administrators have been working since then to
analyze the intrusion and the extent of the compromise as well as
reinstall Fedora systems. We are using the requisite outages as an
opportunity to do other upgrades for the sake of functionality as well
as security. Work is ongoing, so please be patient. Anyone with
pertinent information relating to this event is asked to contact
fedora-legal redhat com

One of the compromised Fedora servers was a system used for signing
Fedora packages. However, based on our efforts, we have high confidence
that the intruder was not able to capture the passphrase used to secure
the Fedora package signing key. Based on our review to date, the
passphrase was not used during the time of the intrusion on the system
and the passphrase is not stored on any of the Fedora servers.

While there is no definitive evidence that the Fedora key has been
compromised, because Fedora packages are distributed via multiple
third-party mirrors and repositories, we have decided to convert to new
Fedora signing keys. This may require affirmative steps from every
Fedora system owner or administrator. We will widely and clearly
communicate any such steps to help users when available.

More Here




Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Snappy Open House Is Your Chance to Get Familiar with Ubuntu Snappy

Nicholas Skaggs had the great pleasure of announcing a couple of days ago yet another innovation from Canonical, Snappy Open House, a new way for Ubuntu developers, contributors, and members of the community to get familiar with the Snappy technology created by Canonical for its Ubuntu Linux operating system. Read more Also: First Ubuntu Snappy Open House Announced, UbuCon Germany Planning Continues

Linux 4.2 Bringing Support For ARCv2, HS38 CPU Cores

The ARC architecture updates for the Linux 4.2 kernel have landed. With the ARC architecture updates in Linux 4.2 comes support for HS38 cores, which in turn are based on the Synopsys next-gen ISA known as ARCv2. The ARCv2 ISA is faster and more feature-rich than their original instruction set architecture. The HS38 cores have a 10-stage pipeline core with MMU support, SMP up to four cores, and other new features. The HS38 processor is still 32-bit and is "optimized for high-performance embedded applications running Linux." Read more Also: Radeon & AMDGPU DRM Fixes Queue Up For Linux 4.2

Ubuntu Touch OTA-5 Will Bring a New Thumbnailer in Unity 8, Support for Refunds

Canonical's Alejandro J. Cura had the great pleasure of reporting a few hours ago that the upcoming OTA-5 update for the Ubuntu Touch mobile operating system will get some attractive new features in the Unity 8 user interface. Read more

The July 2015 issue of the PCLinuxOS Magazine

With the exception of a brief period in 2009, The PCLinuxOS Magazine has been published on a monthly basis since September, 2006. The PCLinuxOS Magazine is a product of the PCLinuxOS community, published by volunteers from the community. The magazine is lead by Paul Arnote, Chief Editor, and Assistant Editor Meemaw. The PCLinuxOS Magazine is released under the Creative Commons Attribution-NonCommercial-Share-Alike 3.0 Unported license, and some rights are reserved. Read more