Infrastructure report, 2008-08-22 UTC 1200

"It is important to note that the effects of the intrusion on Fedora and Red Hat are *not* the same. Accordingly, the Fedora package signing key is not connected to, and is different from, the one used to sign Red Hat Enterprise Linux packages. Furthermore, the Fedora package signing key is also not connected to, and is different from, the one used to sign community Extra Packages for Enterprise Linux (EPEL) packages."

Complete Story

Related Stories:

• CentOS Position on Systems Intrusion at Red Hat(Aug 23, 2008)
• OpenSSH for Red Hat Enterprise Linux Packages May Have Been Compromised(Aug 22, 2008)
• Fedora and Red Hat Servers Compromised(Aug 22, 2008)
• Troubles in Fedora Land - Don't Update!(Aug 18, 2008)