[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenSSH Security Advisory: Trojaned Distribution Files

To: Dayton <smartestguy@technologist.com>
Subject: Re: OpenSSH Security Advisory: Trojaned Distribution Files
From: "Peter N. M. Hansteen" <peter@bgnett.no>
Date: Thu, 01 Aug 2002 18:58:10 +0200
Cc: Martin Reindl <mreindl@catai.org>, misc@openbsd.org
Organization: Datadokumentasjon A/S
References: <Pine.LNX.4.33L2.0208010950430.3586-100000@omni.acorn.net>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020623 Debian/1.0.0-0.woody.1

Dayton wrote:
> Yeah, but another thing we all should be wondering is, were any OTHER
> files tampered with? How safe is it, for example, for us to pull down
> the patch branch right now?

The compromised files were tarballs on the ftp site. AFAICS there is
no evidence that anything in OpenBSD's cvs was tampered with.

- P

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ 
http://www.datadok.no/

References:
- Re: OpenSSH Security Advisory: Trojaned Distribution Files
  - From: Dayton <smartestguy@technologist.com>

Prev by Date: Re: OpenSSH Security Advisory: Trojaned Distribution Files
Next by Date: Re: OpenSSH Security Advisory: Trojaned Distribution Files
Prev by thread: Re: OpenSSH Security Advisory: Trojaned Distribution Files
Next by thread: Re: OpenSSH Security Advisory: Trojaned Distribution Files
Index(es):
- Date
- Thread