From owner-freebsd-announce@FreeBSD.ORG Sat Nov 17 10:04:27 2012 Return-Path: Delivered-To: freebsd-announce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6F76C828; Sat, 17 Nov 2012 10:04:27 +0000 (UTC) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 4E0DC8FC12; Sat, 17 Nov 2012 10:04:27 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id qAHA4Qhu082363; Sat, 17 Nov 2012 10:04:26 GMT (envelope-from security-advisories@freebsd.org) Received: (from gavin@localhost) by freefall.freebsd.org (8.14.5/8.14.5/Submit) id qAHA4QH4082362; Sat, 17 Nov 2012 10:04:26 GMT (envelope-from security-advisories@freebsd.org) Date: Sat, 17 Nov 2012 10:04:26 GMT Message-Id: <201211171004.qAHA4QH4082362@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gavin set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Officer To: FreeBSD Security Precedence: bulk X-Mailman-Approved-At: Sat, 17 Nov 2012 10:05:25 +0000 Subject: [FreeBSD-Announce] Security Incident on FreeBSD Infrastructure X-BeenThere: freebsd-announce@freebsd.org X-Mailman-Version: 2.1.14 Reply-To: secteam@freebsd.org List-Id: "Project Announcements \[moderated\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Nov 2012 10:04:27 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 11th of November, an intrusion was detected on two machines within the FreeBSD.org cluster. The affected machines were taken offline for analysis. Additionally, a large portion of the remaining infrastructure machines were also taken offline as a precaution. We have found no evidence of any modifications that would put any end user at risk. However, we do urge all users to read the report available at http://www.freebsd.org/news/2012-compromise.html and decide on any required actions themselves. We will continue to update that page as further information becomes known. We do not currently believe users have been affected given current forensic analysis, but we will provide updated information if this changes. As a result of this event, a number of operational security changes are being made at the FreeBSD Project, in order to further improve our resilience to potential attacks. We plan, therefore, to more rapidly deprecate a number of legacy services, such as cvsup distribution of FreeBSD source, in favour of our more robust Subversion, freebsd-update, and portsnap models. More information is available at http://www.freebsd.org/news/2012-compromise.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 iEYEARECAAYFAlCm0dAACgkQFdaIBMps37KrYgCfTEkJ/odP2XMrYQ1FIvD89AJb GUUAn2r4YLeDEfQriWZIIXR0Hj1/rSWT =cLZF -----END PGP SIGNATURE-----