from the long-unknown-now-critical dept.
After the breakin in the servers of the Debian project, analyzes showed that a hole in the Linux kernels below 2.4.22 was used to gain root and install suckit. It is the same technique used in the breakin in our environement in spring.
Also GNU's savannah was rooted.
We are currently upgrading all our servers and workstations and need to reboot them during this days.
Be sure to upgrade also your personal workstaton or notebook in case you are running Linux and check it with chckrootkit. You need a patched kernel from your distributor or compile your own Linux 2.4.23 from source. Linux 2.2 is not affected by this bug.
Please contact us immediately in case you had an account on GNU's Savannah or one of the affected Debian servers!
< | >