BE CAREFUL with those 7.2 CD's... Read below. Shannon
-----Forwarded Message----- > From: Terry Doub <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: NIPC Alert > Date: 25 Oct 2001 13:53:47 -0500 > > The latest online update of Red Hat Linux, also known by its code name, > "Enigma," which was released 23 October, could have been tampered with by > attackers, a security expert warned. Copies of Red Hat Linux 7.2 > available from some download sites were not digitally signed by the > developer, Red Hat Inc., according to Kurt Seifried, author of an online > book entitled "Linux Administrator's Security Guide." "Either Red Hat did > not sign these packages, or someone subverted the distribution process > before the files got to various sites," said Seifried in a security > advisory issued 23 October. Without such signatures, "it becomes trivial > for an attacker to replace packages on a distribution site with no one > being able to easily verify that they have been subverted," said > Seifried's advisory. A Red Hat spokesperson said the company was studying > the security report. > (Source: Newsbytes, 23 October) ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
