This is a very unfortunate incident to report about. Some Debian
servers were found to have been compromised in the last 24
hours.
The archive is not affected by this compromise!
In particular the following machines have been affected:
- master (Bug Tracking System)
- murphy (mailing lists)
- gluck (web, cvs)
- klecker (security, non-us, web search, www-master)
Some of these services are currently not available as the
machines undergo close inspection. Some services have been moved to
other machines (www.debian.org
for example).
The security archive will be verified from trusted sources
before it will become available again.
Please note that we have recently prepared a new point release
for Debian GNU/Linux 3.0 (woody), release 3.0r2. While it has not
been announced yet, it has been pushed to our mirrors already. The
announcement was scheduled for this morning but had to be
postponed. This update has now been checked and it is not affected
by the compromise.
We apologise for the disruptions of some services over the next
few days. We are working on restoring the services and verifying
the content of our archives.