

Kernel.org servers compromised - ddbbcc
http://pastebin.com/BKcmMd47

======
JoshTriplett
The official announcement on kernel.org: <https://www.kernel.org/#news>

And the HN story referencing that announcement:
<http://news.ycombinator.com/item?id=2947578>

I have to wonder why someone felt the need to anonymously pastebin the
original announcement to a private mailing list.

------
mkr-hn
Is it just their servers, or was the kernel distribution itself compromised? I
can't tell from this.

~~~
cjbprime
It's just the servers. The kernel repositories weren't modified, and even if
they were, git makes it pretty impossible to modify history if you're paying
attention -- the next push would fail as a non-fast-forward.

~~~
JoshTriplett
Also, in the mailing list thread, someone actually went back and verified the
contents of all the old tarballs and compared them to the bits from Git, since
otherwise someone could have changed the tarball releases.

------
pointyhat
The main question to answer is how long ago did this happen.

------
baconhigh
_sigh_

