This week at LWN: Fedora, Red Hat, and distributor security

Posted by Scott_Ruecker on Sep 9, 2008 10:03 AM EDT
LWN.net; By Jonathan Corbet
Mail this story
Print this story

On August 22, the Fedora Project released an "infrastructure report" confirming what most observers had, by then, suspected: the project had suffered a major security breach. The attacker got as far as a system used to sign packages distributed by Fedora. That, of course, is something close to a worst-case scenario: if an intruder has control over such a system, it's a relatively small step to capture the package signing key and the passphrase used to employ that key. And those, in turn, could be used to create hostile packages which would be accepted as genuine by Fedora installations worldwide.

Full Story

  Nav
» Read more about: Groups: Fedora, Red Hat; Story Type: News Story

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.