Fedora intrusion update, 2008-09-19 UTC 0230

Published by

The Fedora Project published an update on the Fedora intrusion
Work on the Fedora infrastructure has returned to normal at this point. Updates are once again available for Fedora 8 and Fedora 9, our current releases, using the new package signing key we've implemented. To read more about the new package signing key, refer to:

https://fedoraproject.org/wiki/New_signing_key

https://fedoraproject.org/wiki/Enabling_new_signing_key

In addition, Rawhide has returned to service, as well as our other services such as Fedora Hosted.

As always, our team of system administrators makes incremental improvements constantly. Sometimes these improvements involve temporary outages, and such outages may occur in the future as part of normal operations. At this time, however, we believe Fedora's recovery efforts are complete. To reiterate our previous statement, we have not found any security vulnerabilities in any Fedora software as a result of our efforts.

The security investigation into the intrusion is still in progress. When that investigation is completed, the Fedora Project's intention is to publish a more detailed report on the matter.

We will issue further updates as more information becomes available.