Language Selection

English French German Italian Portuguese Spanish

Linux Kernel Host Kernel.org Breached

Filed under
Linux
Security
Web

The site that hosts the Linux kernel's source code, Kernel.org was compromised earlier this month. The discovery was made on August 28th, and steps are being taken now to enhance security for the site and recovery is underway. The kernel code repositories are believed to be unaffected.

According to an unattributed post on the front page of Kernel.org, intruders managed to gain access via a compromised user credential. It's currently unknown how the attacker managed to escalate to root access.

After gaining access, the attacker modified files related to SSH services and added a trojan startup file to the system startup scripts. The trojan was discovered due to an error showing in a system log from a program not actually installed on the server (Xnest).

The status now is

Also: The Cracking of Kernel.org by Jon Corbet

And: kernel.org




More in Tux Machines

3 tools that make scanning on the Linux desktop quick and easy

Whether you're moving to a paperless lifestyle, need to scan a document to back it up or email it, want to scan an old photo, or whatever reason you have for making the physical electronic, a scanner comes in handy. In fact, a scanner is essential. But the catch is that most scanner makers don't have Linux versions of the software that they bundle with their devices. For the most part, that doesn't matter. Why? Because there are good scanning applications available for the Linux desktop. They work with a variety of scanners, and do a good job. Let's take a look at a three simple but flexible Linux scanning tools. Keep in mind that the software discussed below is hardly an exhaustive list of the scanner software that's available for the Linux desktop. It's what I've used extensively and found useful. Read more

Ubuntu 14.10 (Utopic Unicorn) Enters Final Beta Freeze

"As of nowish, the archive is frozen for 14.10 Final Beta preparation, and will continue to be frozen from here until Final release next month. As with the previous release, we have a bot in place that will accept uploads that are unseeded and don't affect images. Don't take this as an open invitation to break Feature Freeze on those components, this is just to reduce the burden on the release team, so we only review the uploads that need very serious consideration," notes Canonical's Adam Conrad. Read more

Second Bugfix Release for KDE Plasma 5 Arrives with Lots of Changes

"This release, versioned plasma-5.0.2, adds a month's worth of new translations and fixes from KDE's contributors. The bugfixes are typically small but important such as fixing text which couldn't be translated, using the correct icons and fixing overlapping files with KDELibs 4 software. It also adds a month's hard work of translations to make support in other languages even more complete," reads the announcement. Read more

Qt 5.4 Will Support Applications Under A Wayland Compositor

The QtWayland support for Qt 5.4 is considered a technical preview with support of QWidget-based apps being less than ideal, the QtCompositor API in QtWayland not seeing a release for Qt 5.4, and other work still needs to be pursued. The QtCompositor API for the QtWayland module is what's needed for those out there wishing to write their own Wayland compositors using Qt. Qt's support for XDG-Shell is also less than complete and there's also not any official sub-surface protocol support for QtWayland. Read more