Hi all,
http://www.redhat.com/security/data/openssh-blacklist.html
It seems someone got a hold of the redhat pgp signing keys and
distributed compromised openssh rpm's The check script tests for
modified binaries.
The article focuses on RHN not being compromised but is a bit vague
about which channels were affected. Apparently some compromised openSSH
rpm's are circulating in the wild.
Just a question: is there any chance of SRPM being compromised, which
would affect SL and Centos?
Roelof