[kwlug-disc] Linux Mint site hacked
Chris Irwin
chris at chrisirwin.ca
Mon Feb 22 14:10:31 EST 2016
Also, apparently their initial "fix" was to correct the download links,
rather than taking the compromised machine offline entirely. This lead to
the download links being redirected to the compromised ISOs a second time.
http://thehackernews.com/2016/02/linux-mint-hack.html
In an interesting discussion on LWN, it appears that Mint doesn't install
kernel updates, and doesn't publish CVE information, amongst various other
packaging issues.
https://lwn.net/Articles/676664/
Perhaps those using Mint would be wise to look for alternatives.
On Mon, Feb 22, 2016 at 1:41 PM, L.D. Paniak <ldpaniak at fourpisolutions.com>
wrote:
> Apparently, the Linux Mint website was hacked over the weekend:
>
> http://arstechnica.com/security/2016/02/linux-mint-hit-by-malware-infection-on-its-website-and-forum-after-hack-attack/
>
> ISO images downloaded on Feb 20 should be discarded or checked against
> known-good checksums.
> Images from mirror sites may have a wider window of vulnerability.
>
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
--
Chris Irwin
<chris at chrisirwin.ca>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20160222/371ec9f4/attachment.htm>
More information about the kwlug-disc
mailing list