| 1 |
FSF posted a summary of what happend to them here |
| 2 |
http://ftp.gnu.org/MISSING-FILES.README |
| 3 |
|
| 4 |
I compared the md5sum's of the files I had in my (2.1 G) distfiles to |
| 5 |
the md5sums they posted and they all matched thankfully. |
| 6 |
|
| 7 |
heres a url to the simple bash script I used to compare the checksums |
| 8 |
http://dev.gentoo.org/~solar/gnu.md5sum.check |
| 9 |
|
| 10 |
On Thu, 2003-08-14 at 06:26, Paul de Vrieze wrote: |
| 11 |
> On Thursday 14 August 2003 08:00, Fred Van Andel wrote: |
| 12 |
> > On August 13, 2003 10:03 pm, Georgi Georgiev wrote: |
| 13 |
> > > > I dont have time now (I am at work) but can someone check the |
| 14 |
> > > > dates of the affected files to see if they are potentially |
| 15 |
> > > > suspect? |
| 16 |
> > > |
| 17 |
> > > Not good enough, is it? One can use "touch" to set the date to |
| 18 |
> > > anything they want. |
| 19 |
> > |
| 20 |
> > Yes you can, but only a truly incompetent cracker would set the date |
| 21 |
> > to be anything other than the date of the original file. The idea |
| 22 |
> > is to hide the fact that the file has changed, not broadcast it. |
| 23 |
> |
| 24 |
> I think it is better to look when the specific digest was added to cvs. As far |
| 25 |
> as I know our cvs has not been compromised. |
| 26 |
> |
| 27 |
> Paul |
| 28 |
-- |
| 29 |
Ned Ludd <solar@g.o> |
| 30 |
Gentoo Linux Developer (Hardened) |
| 31 |
|
| 32 |
|
| 33 |
-- |
| 34 |
gentoo-hardened@g.o mailing list |
Archives