Re: [Nolug] Anyone else having troubles with debian.org?

From: scotth_at_scottharney.com
Date: Fri, 21 Nov 2003 18:30:29 -0600
Message-ID: <87k75tjlcq.fsf@minorthreat.local.lan>

Ron Johnson <ronjohnsonjr@yahoo.com> writes:

> All afternoon, I've been trying to submit a query to
> http://packages.debian.org/cgi-bin/search_contents.pl, but
> it always times out.

Guess you don't read slashdot or lwn....

http://slashdot.org/article.pl?sid=03/11/21/1314238&mode=thread&tid=126&tid=172&tid=185&tid=90
http://cert.uni-stuttgart.de/files/fw/debian-security-20031121.txt

From: Martin Schulze <joey@infodrom.org>
Subject: Some Debian Project machines have been compromised
To: Debian Announcements <debian-announce@lists.debian.org>
Date: Fri, 21 Nov 2003 11:46:19 +0100
Message-ID: <20031121104619.GK2458@finlandia.infodrom.north.de>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
The Debian Project http://www.debian.org/
Some Debian Project machines compromised press@debian.org
November 21st, 2003
- ------------------------------------------------------------------------

Some Debian Project machines have been compromised

This is a very unfortunate incident to report about. Some Debian
servers were found to have been compromised in the last 24 hours.

The archive is not affected by this compromise!

In particular the following machines have been affected:

  . master (Bug Tracking System)
  . murphy (mailing lists)
  . gluck (web, cvs)
  . klecker (security, non-us, web search, www-master)

Some of these services are currently not available as the machines
undergo close inspection. Some services have been moved to other
machines (www.debian.org for example).

The security archive will be verified from trusted sources before it
will become available again.

Please note that we have recently prepared a new point release for
Debian GNU/Linux 3.0 (woody), release 3.0r2. While it has not been
announced yet, it has been pushed to our mirrors already. The
announcement was scheduled for this morning but had to be postponed.
This update has now been checked and it is not affected by the
compromise.

We apologise for the disruptions of some services over the next few
days. We are working on restoring the services and verifying the
content of our archives.

Contact Information
- -------------------

For further information, please visit the Debian web pages at
<http://www.debian.org/> or send mail to <press@debian.org>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/vfsJW5ql+IAeqTIRApjYAJ4v6QK07nyNNyBCvsosorej3cwMHACfZcLt
PwFJYJu8w1rU64Z82ddF6LY=
=If2b
-----END PGP SIGNATURE----- 

-- 
Scott Harney<scotth@scottharney.com>
"...and one script to rule them all."
gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5
___________________
Nolug mailing list
nolug@nolug.org
Received on 11/21/03

This archive was generated by hypermail 2.2.0 : 12/19/08 EST