intrusion announced November 17th 2012 - BSD

Users browsing this thread: 1 Guest(s)
Long time nixers

Quote:Security Incident on FreeBSD Infrastructure
From: FreeBSD Security Officer <>
To: FreeBSD Security <>
Subject: Security Incident on FreeBSD Infrastructure

On Sunday 11th of November, an intrusion was detected on two machines within the cluster. The affected machines were taken offline for analysis. Additionally, a large portion of the remaining infrastructure machines were also taken offline as a precaution.

We have found no evidence of any modifications that would put any end user at risk. However, we do urge all users to read the report available at and decide on any required actions themselves. We will continue to update that page as further information becomes known. We do not currently believe users have been affected given current forensic analysis, but we will provide updated information if this changes.

As a result of this event, a number of operational security changes are being made at the FreeBSD Project, in order to further improve our resilience to potential attacks. We plan, therefore, to more rapidly deprecate a number of legacy services, such as cvsup distribution of FreeBSD source, in favour of our more robust Subversion, freebsd-update, and portsnap models.

More information is available at

Saturday November 17th, 2012

Possible 3rd party package corruption!
Someone doesn't appreciate my php generated image!
Grey Hair Nixers
THey took drastic measures to ensure nobody gets problems :)