Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Redhat OpenSSH updates

It appears that RedHat have released an update to it’s OpenSSH package after the reported breach of it’s servers last week. Although Redhat are still ongoing with the investigation into the breach, they are now certain that an attacker was able to sign a number of OpenSSH packages (i386 and x86_64) for Redhat Enterpise Linux 4 and 5. Those running these systems who may have installed these trojanised updates should reinstall with the updated packages now.

It’s unclear if Redhat will discover more issues related to the breach, so companies using Redhat or Fedora products should be on the lookout for any suspicious activity.

http://rhn.redhat.com/errata/RHSA-2008-0855.html

http://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html

Advertisements

Comments are closed.

%d bloggers like this: