On Fri, 22 Aug 2008, Jan Iven wrote:

> On 08/22/2008 02:57 PM, Stephan Wiesand wrote:
>> Hi Connie & Troy,
>>
>> RHSA-2008-0855 scares me.
>>
>> There's not much information in that advisory, but it sounds like
>> someone signed trojaned ssh packages with TUV's key.
>
> (Red Hat claims that these never made it through RHN to customer
> machines, so that only some unspecified other channels would be affected).

Well, they make no claims regarding their public ftp Server, do they?

>> Could you please verify that the SRPMS you built from had not been
>> tampered with, and let us know?
>
> Red Hat only mentions some binary RPMs as being affected, given that SL
> recompiles everything I hope we are largely safe. Nevertheless, they've
> released updates for all platforms.

I must have missed the "binary" part. And from the check script:

# Alternatively, the script can be passed a list of RPM filenames:
#
# $ bash ./openssh-blacklist-1.0.sh some.i386.rpm other.src.rpm

I don't think it's very likely that SL is in trouble. But let's make sure.
Unfortunately, I can't find the SL4/5 SRPMS on my SL mirror, hence the
request.

Regards,
Stephan

--
Stephan Wiesand
DESY - DV -
Platanenallee 6
15738 Zeuthen, Germany