Stephan Wiesand wrote:
> On Fri, 22 Aug 2008, Jan Iven wrote:
>
>> On 08/22/2008 02:57 PM, Stephan Wiesand wrote:
>>> Hi Connie & Troy,
>>>
>>> RHSA-2008-0855 scares me.
>>>
>>> There's not much information in that advisory, but it sounds like
>>> someone signed trojaned ssh packages with TUV's key.
>> (Red Hat claims that these never made it through RHN to customer
>> machines, so that only some unspecified other channels would be affected).
>
> Well, they make no claims regarding their public ftp Server, do they?
>
>>> Could you please verify that the SRPMS you built from had not been
>>> tampered with, and let us know?
>> Red Hat only mentions some binary RPMs as being affected, given that SL
>> recompiles everything I hope we are largely safe. Nevertheless, they've
>> released updates for all platforms.
>
> I must have missed the "binary" part. And from the check script:
>
> # Alternatively, the script can be passed a list of RPM filenames:
> #
> # $ bash ./openssh-blacklist-1.0.sh some.i386.rpm other.src.rpm
>
> I don't think it's very likely that SL is in trouble. But let's make sure.
> Unfortunately, I can't find the SL4/5 SRPMS on my SL mirror, hence the
> request.
>

I have rsynced the openssh src.rpm's up, so they are in the rolling area now.
But I am currently downloading and recompiling their updated openssh right now.
It will be in the Release Candidate 1 that is going to be released today.

Troy
--
__________________________________________________
Troy Dawson  [log in to unmask]  (630)840-6468
Fermilab  ComputingDivision/LCSI/CSI DSS Group
__________________________________________________