Gentoo takes server offline due to security vulnerabilities
The Gentoo project, which produces a Linux distribution that you can compile from the sources for your specific hardware, has taken additional servers offline due to a security vulnerability in packages.gentoo.org. According to Gentoo, on August 7th an command injection vulnerability that enabled manipulation of the system was detected on packages.gentoo.org. The following sites
- archives.gentoo.org
- packagestest.gentoo.org
- scripts.gentoo.org
- archivestest.gentoo.org
- kiss.gentoo.org
- packages.gentoo.org
- stats.gentoo.org
- survey.gentoo.org
were hosted on the same server. They are currently undergoing forensic examination and hence can't be accessed. After their restoration they will go back online, but Gentoo isn't giving any indication of when that will be.
It is unknown whether a manipulation on the server has already occurred. However, according to information provided by Alex Howells from Gentoo it was never possible at any time to change the packages. He told heise Security that packages.gentoo.org only compiles information from the Portage tree and presents them to the user in readable form. A manipulation of the sources and packages has not been possible.
Just recently, numerous Ubuntu community servers had to be taken off the net after they had been penetrated by unknown sources and exploited for attacks on other systems. There too, potential access to packages or source text was not possible.
- Infrastructure Press Release, announcement on Gentoo.org
(mba)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
