« Whitepaper: Bypassing ASP .NET “ValidateRequest” for Script Injection Attacks | Main | Cross-site hacks and the art of self defence »

Redhat/Fedora Servers compromised, package signing key stolen, rogue packages possibly signed

Both the Redhat and Fedora servers have been hacked by an attacker who has not only gained access to these systems, but may have also deployed rogue packages and signed them with Redhat's private key. Redhat has provided a script for users to check to see if the compromised packages have been deployed on their systems.

Security Advisory: https://rhn.redhat.com/errata/RHSA-2008-0855.html


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!