[sanniolug] [(fwd): [Torte] Annuncio Ufficiale di Debian]

  • From: barrav <barrav@xxxxxxxxx>
  • To: sannio <sanniolug@xxxxxxxxxxxxx>
  • Date: Fri, 21 Nov 2003 13:12:13 +0100

----- Forwarded message from Andrea Glorioso <sama@xxxxxxxxxxxxxx> -----


http://cert.uni-stuttgart.de/files/fw/debian-security-20031121.txt

Notate le seguenti righe:

- "Some Debian servers were found to have been compromised in the last
24 hours."
^^^^^^^^

- "The archive is not affected by this compromise!"
       ^^^^^^^    ^^^^^^^^^^^^

- "In particular the following machines have been affected:

  [...]

  klecker (security, non-us, web search, www-master)"
           ^^^^^^^^  ^^^^^^

- "Please note that we have recently prepared a new point release for
Debian GNU/Linux 3.0 (woody), release 3.0r2.  [...]  This update has
now been checked and it is not affected by the compromise."
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Quindi, bloccate gli upgrade da security.debian.org e da non-US.

Se usate testing e unstable, io aspetterei ancora due-tre giorni prima
di fare un   upgrade, giusto per  verificare che  niente sia scivolato
dentro  (ne dubito,  ma come  dicevo  prima, p4r4n014 ru13z  in questi
casi).

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

[Courtesy of Martin Schulze.]

------------------------------------------------------------------------
The Debian Project                                http://www.debian.org/
Some Debian Project machines compromised                press@xxxxxxxxxx
November 21st, 2003
------------------------------------------------------------------------

Some Debian Project machines have been compromised

This is a very unfortunate incident to report about.  Some Debian
servers were found to have been compromised in the last 24 hours.

The archive is not affected by this compromise!

In particular the following machines have been affected:

  . master (Bug Tracking System)
  . murphy (mailing lists)
  . gluck (web, cvs)
  . klecker (security, non-us, web search, www-master)

Some of these services are currently not available as the machines
undergo close inspection.  Some services have been moved to other
machines (www.debian.org for example).

The security archive will be verified from trusted sources before it
will become available again.

Please note that we have recently prepared a new point release for
Debian GNU/Linux 3.0 (woody), release 3.0r2.  While it has not been
announced yet, it has been pushed to our mirrors already.  The
announcement was scheduled for this morning but had to be postponed.
This update has now been checked and it is not affected by the
compromise.

We apologise for the disruptions of some services over the next few
days.  We are working on restoring the services and verifying the
content of our archives.


Contact Information
-------------------

For further information, please visit the Debian web pages at
<http://www.debian.org/> or send mail to <press@xxxxxxxxxx>.

-- 
Whenever you meet yourself you're in a time loop or in front of a
mirror.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

ciao,

andrea
--
E quanto e` solo un uomo lo so solo io             andrea glorioso
Mentre volo sopra le ferite delle citta`    
E come un grande amore gli dico addio              www.emergency.it
E come e` solo un uomo lo so solo io            sama@xxxxxxxxxxxxxx

_______________________________________________
Torte mailing list
Torte@xxxxxxxxxxxxxxx
http://lists.initd.org/mailman/listinfo/torte


----- End forwarded message -----


-- 
  Bartolomeo
         -------->

Other related posts:

  • » [sanniolug] [(fwd): [Torte] Annuncio Ufficiale di Debian]