From owner-svn-doc-all@FreeBSD.ORG Fri Nov 23 00:28:13 2012 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1BC03C93; Fri, 23 Nov 2012 00:28:13 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id DB6C18FC15; Fri, 23 Nov 2012 00:28:12 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qAN0SCvd099820; Fri, 23 Nov 2012 00:28:12 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id qAN0SCxW099819; Fri, 23 Nov 2012 00:28:12 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201211230028.qAN0SCxW099819@svn.freebsd.org> From: Gavin Atkinson Date: Fri, 23 Nov 2012 00:28:12 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r40132 - head/en_US.ISO8859-1/htdocs/news X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Nov 2012 00:28:13 -0000 Author: gavin Date: Fri Nov 23 00:28:12 2012 New Revision: 40132 URL: http://svnweb.freebsd.org/changeset/doc/40132 Log: Add an update to the security incident page for November 22nd, 2012. Approved by: core, bcr (mentor, implicit) Modified: head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml Modified: head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml Fri Nov 23 00:00:23 2012 (r40131) +++ head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml Fri Nov 23 00:28:12 2012 (r40132) @@ -62,6 +62,7 @@
  • Announcement
    • +
  • Update: 22nd November 2012
  • Update: 18th November 2012
  • Initial Details: 17th November 2012
  • What is the Impact?
    • @@ -71,6 +72,27 @@

    More details will be added here as they become available.

    +

    Update: November 22nd, 2012

    + +

    Although not mentioned in the original report, + CTM (another mechanism for + retrieving FreeBSD source) uses the master trusted Subversion + repository as the source of its data. Additionally, verification of + CTM-sourced trees has been completed against the Subversion tree, + confirming that there are no differences between the two. Our + experimental Git repository has been similarly verified.

    + +

    Work continues on rebuilding internal infrastructure and reinstating + services taken down during the incident. Web interfaces to the old + CVS repositories (CVSweb), and to GNATS (our bug-tracking database) + have been restored amongst other services, and other internal hosts + are being examined and rebuilt where necessary. A full audit of the + package building infrastructure is ongoing.

    + +

    The FreeBSD Project is investing significant effort into looking + into both medium and long term infrasture improvements to increase + security of the FreeBSD cluster.

    +

    Update: November 18th, 2012

    Newer portsnap(8) snapshots are once again available. The