Red Hat has released a notice that it had a security intrusion on its Red Hat Network system, which is used to update servers. Apparently attackers were able to sign a package. Signatures are used to verify the authenticity of packages. While Red Hat does not think there was any significant harm, it has released an updated OpenSSH package and a test script to verify your system is not impacted.
Red Hat noted, “In connection with the incident, the intruder was able to sign a small number of OpenSSH packages relating only to Red Hat Enterprise Linux 4 (i386 and x86_64 architectures only) and Red Hat Enterprise Linux 5 (x86_64 architecture only).”
This is pretty serious and a critical patch has been released for OpenSSH.
Server Management Clients
Clients using rackAID’s server management subscription service do not need to worry. We have checked all servers under management and did not find any corrupted packages. OpenSSH updates are being applied today.