1 |
FSF posted a summary of what happend to them here |
2 |
http://ftp.gnu.org/MISSING-FILES.README |
3 |
|
4 |
I compared the md5sum's of the files I had in my (2.1 G) distfiles to |
5 |
the md5sums they posted and they all matched thankfully. |
6 |
|
7 |
heres a url to the simple bash script I used to compare the checksums |
8 |
http://dev.gentoo.org/~solar/gnu.md5sum.check |
9 |
|
10 |
On Thu, 2003-08-14 at 06:26, Paul de Vrieze wrote: |
11 |
> On Thursday 14 August 2003 08:00, Fred Van Andel wrote: |
12 |
> > On August 13, 2003 10:03 pm, Georgi Georgiev wrote: |
13 |
> > > > I dont have time now (I am at work) but can someone check the |
14 |
> > > > dates of the affected files to see if they are potentially |
15 |
> > > > suspect? |
16 |
> > > |
17 |
> > > Not good enough, is it? One can use "touch" to set the date to |
18 |
> > > anything they want. |
19 |
> > |
20 |
> > Yes you can, but only a truly incompetent cracker would set the date |
21 |
> > to be anything other than the date of the original file. The idea |
22 |
> > is to hide the fact that the file has changed, not broadcast it. |
23 |
> |
24 |
> I think it is better to look when the specific digest was added to cvs. As far |
25 |
> as I know our cvs has not been compromised. |
26 |
> |
27 |
> Paul |
28 |
-- |
29 |
Ned Ludd <solar@g.o> |
30 |
Gentoo Linux Developer (Hardened) |
31 |
|
32 |
|
33 |
-- |
34 |
gentoo-hardened@g.o mailing list |