Kent West <[EMAIL PROTECTED]> writes: > Lukas Ruf wrote: > >>>Cristi Banciu <[EMAIL PROTECTED]> [2003-11-21 13:17]: >>> >>>http://cert.uni-stuttgart.de/files/fw/debian-security-20031121.txt >>> >>> >> >>after having read: I have run upgrades on various machines this >>morning. >> >>Is there any chance that these machines have been compromised too? >> >> > From the link: > >>The archive is not affected by this compromise! > > > so I wouldn't think so. But then I'm not really qualified to say what's > meant by this phrase.
It means ftp-master.debian.org, AKA auric.d.o, AKA the root source of the Debian archives that is spread by mirrors, was not compromised. No trojans could have been inserted in any Debian packages. Looking at http://db.debian.org/machines.cgi, the only systems compromised were x86 machines, which is typical of a script kiddie that only knows how to use precompiled binaries. However, auric and many other debian.org machines are non-x86. Score one for Debian's diverse support of architectures. -- Don't worry, it's *in*-flammable.
pgp00000.pgp
Description: PGP signature
