An attacker has attempted to compromise the servers for the Fedora Project, the community version of Red Hat Enterprise Linux, but no damage or code servers, according to an e-mail sent to the Fedora mailing list on January 25 .
In the statement, "a security incident on Fedora infrastructure" right Fedora Project manager Jared Smith revealed that the login and password Fedora contributor was stolen and used to access systems on January 22.
It was a factor against those who had the right to run the code packages for Fedora SCM, build and manage to make updates to the Fedora packages, according to Smith. Donor had no sysadmin or Release Engineering teams, and had only limited rights fedorapeople.org wrote.
Fedora Infrastructure team is investigating the incident and was unable to conclude that the attacker does not push changes to files Fedora SCM access project on pkgs.fedoraproject.org, perform a building, or pushing a set of updates day, according to Smith. "We do not believe that all packages Fedora or Fedora contributor to other accounts were affected, and there is" no evidence "that the compromise" extended beyond this one account, he writes.
What the attacker has managed to do was change the SSH key value stored in the Fedora Account System and the connection to fedorapeople.org, Smith said. The breach was discovered because the original user account has received an e-mail system Fedora Accounts, giving details of your account has been changed. Once the infrastructure team has been notified, the account in question was closed and the records of a detailed audit was carried out to monitor all activities attacker, wrote Smith. The Infrastructure team took pictures of all file systems to access the account and compared with the previous tables to ensure that no changes had been made.
With fedorapeople.org compromise, the attacker could have pushed to change Fedora SCM system, but Smith said that was unlikely. Always encourages Fedora package maintainers to report anything they considered suspicious.
The account information was "external danger" and "Fedora Infrastructure has not been subject to any vulnerability or exploit code," wrote Smith. He reminded donors the importance of choosing a password and do not recycle their password Fedora on other sites or accounts.
This is the third attack in an open source project in recent weeks. In December, the main source code repository for the Free Software Foundation was closed after the attackers compromise the passwords of the site. Also in December, the attackers beat up proftpd server unpatched vulnerabilities in the application. Three days, someone downloading open-source file transfer application if the infected version of attackers with unauthorized use of their systems.
Apache was beaten twice in 2010 and Fedora was compromised once in 2008. In this incident, both servers from Fedora and Red Hat are "illegal access" by a note from Fedora Project Leader Paul Friedl at the time. But again, the attackers had no impact on Fedora Linux and related packages. After the transaction, Red Hat and Fedora security keys issued new and improved their security practices, even if it meant delaying the release of Fedora products.
