Published:
24 November 2003
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2003.0808 -- Debian Security Advisory
Some Debian Project machines have been compromised
24 November 2003
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Debian
Publisher: Debian
Impact: Reduced Security
Comment: Debian have stated that the recent point release for Debian
GNU/Linux 3.0 (woody), release 3.0r2 is not affected by the
compromise.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------------------------
Debian Security Advisory http://www.debian.org/security/
Some Debian Project machines compromised security@debian.org
November 21st, 2003 debian-security-announce@lists.debian.org
- - ------------------------------------------------------------------------
Some Debian Project machines have been compromised
This is a very unfortunate incident to report about. Some Debian
servers were found to have been compromised in the last 30 hours.
The archive is not affected by this compromise!
The security server is not yet restored and security updates are
currently not available.
In particular the following machines have been affected:
. master (Bug Tracking System)
. murphy (mailing lists)
. gluck (web, cvs)
. klecker (security, non-us, web search, www-master, qa)
Some of these services are currently not available as the machines
undergo close inspection. Some services have been moved to other
machines (www.debian.org for example).
The security archive will be verified from trusted sources before it
will become available again.
Please note that we have recently prepared a new point release for
Debian GNU/Linux 3.0 (woody), release 3.0r2. While it has not been
announced yet, it has been pushed to our mirrors already. The
announcement was scheduled for this morning but had to be postponed.
This update has now been checked and it is not affected by the
compromise.
We apologise for the disruptions of some services over the next few
days. We are working on restoring the services and verifying the
content of our archives.
Contact Information
- - -------------------
For further information, please visit the Debian web pages at
<http://www.debian.org/> or send mail to <press@debian.org>.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD4DBQE/vkFtW5ql+IAeqTIRApL5AJjT8aptDgGwDV+5diAwFJo9M1lnAKCg46pU
D2oP7vcGYBJF0hFSD5YU6Q==
=7brj
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business
hours which are GMT+10:00 (AEST). On call after hours
for member emergencies only.
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBP8F6ASh9+71yA2DNAQF4WgP/bCaXN0UY8pnxuGCfsNCqK3u/rimN33rl
5HN95nfODwNGgCra8IOxykQdOmtNzbZci4vnaAzocDrrHIeFPD7uTKH/praQo9bm
KzT5cEa3NrVb/g1KWNWFtKuoE/ixh/2T1en1+w612pJcTJRJf+hzCBu6RS/jPI1F
otHWjEvYMsk=
=P6Ai
-----END PGP SIGNATURE-----