From owner-svn-doc-head@FreeBSD.ORG  Wed Nov 28 01:58:08 2012
Return-Path: <owner-svn-doc-head@FreeBSD.ORG>
Delivered-To: svn-doc-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id F042F68E;
 Wed, 28 Nov 2012 01:58:07 +0000 (UTC)
 (envelope-from gavin@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 by mx1.freebsd.org (Postfix) with ESMTP id D4DF28FC13;
 Wed, 28 Nov 2012 01:58:07 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
 by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qAS1w7ig008240;
 Wed, 28 Nov 2012 01:58:07 GMT (envelope-from gavin@svn.freebsd.org)
Received: (from gavin@localhost)
 by svn.freebsd.org (8.14.5/8.14.5/Submit) id qAS1w7D4008239;
 Wed, 28 Nov 2012 01:58:07 GMT (envelope-from gavin@svn.freebsd.org)
Message-Id: <201211280158.qAS1w7D4008239@svn.freebsd.org>
From: Gavin Atkinson <gavin@FreeBSD.org>
Date: Wed, 28 Nov 2012 01:58:07 +0000 (UTC)
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org,
 svn-doc-head@freebsd.org
Subject: svn commit: r40174 - head/en_US.ISO8859-1/htdocs/news
X-SVN-Group: doc-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-doc-head@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the doc tree for head
 <svn-doc-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-doc-head>,
 <mailto:svn-doc-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-doc-head>
List-Post: <mailto:svn-doc-head@freebsd.org>
List-Help: <mailto:svn-doc-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-doc-head>,
 <mailto:svn-doc-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Nov 2012 01:58:08 -0000

Author: gavin
Date: Wed Nov 28 01:58:07 2012
New Revision: 40174
URL: http://svnweb.freebsd.org/changeset/doc/40174

Log:
  Update on progress after the compromise, for 27th November
  
  Approved by:	bcr (mentor, implicit)

Modified:
  head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml

Modified: head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml	Wed Nov 28 00:52:45 2012	(r40173)
+++ head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml	Wed Nov 28 01:58:07 2012	(r40174)
@@ -62,6 +62,7 @@
 
     <ul>
       <li><a href="#announce">Announcement</a></li>
+      <li><a href="#update20121127">Update: 27th November 2012</a></li>
       <li><a href="#update20121122">Update: 22nd November 2012</a></li>
       <li><a href="#update20121118">Update: 18th November 2012</a></li>
       <li><a href="#details">Initial Details: 17th November 2012</a></li>
@@ -72,6 +73,46 @@
 
     <p>More details will be added here as they become available.</p>
 
+    <h1><a name="update20121127">Update: November 27th, 2012</a></h1>
+
+    <p>Due to the legacy third-party package build controller head
+      nodes being offlined pending reinstall, we have been unable to
+      build new package sets over the last two weeks.  As a result,
+      FreeBSD 9.1-RELEASE has been delayed as it was felt that we
+      should not ship the release without at least a minimal package
+      set available.  We are now in a position where we are once
+      again able to build third-party packages for both of our
+      <a href="/doc/en_US.ISO8859-1/articles/committers-guide/archs.html">
+	Tier-1 architectures</a> (i386 and amd64), and are planning on
+      releasing it within the next few days with only a slightly
+      limited set of packages.  Please note that historically we have
+      also provided packages on a best-effort basis for some of our
+      Tier-2 architectures such as sparc64, ia64 and powerpc.  We are
+      not currently expecting to be in a postition to build any Tier-2
+      packages before FreeBSD 9.1 ships, so initially for these
+      platforms no such precompiled packages will be available.  We
+      may be in a position to provide some packages for these
+      architectures shortly after the release.</p>
+
+    <p>A few reports covering this incident on external tech news
+      websites have confused details relating to how this incident
+      was discovered.  Over the last few weeks, many of our primary
+      cluster servers have been either physically relocated and/or
+      replaced with new hardware as part of work planned several
+      months in advance.  The discovery of this incident was
+      unrelated to this ongoing cluster maintenance.  Several
+      service outages in the days surrounding the incident were
+      correctly attributed to ongoing cluster work, and were not
+      related in any way to the compromise.  In parallel with the
+      physical upgrades and relocation of servers, we are also
+      reworking the network layout in order to provide better
+      functionality, security, resilience, and to reduce any impact
+      from incidents such as this.  Due in a large part to the
+      progress already made here, we were able to have full
+      confidence in many systems and services so quickly after the
+      compromised hosts on the legacy network segment were
+      discovered.</p>
+
     <h1><a name="update20121122">Update: November 22nd, 2012</a></h1>
 
     <p>Although not mentioned in the original report,