svn commit: r40088 - head/en_US.ISO8859-1/htdocs/news
Gavin Atkinson
gavin at FreeBSD.org
Sun Nov 18 23:02:40 UTC 2012
Author: gavin
Date: Sun Nov 18 23:02:39 2012
New Revision: 40088
URL: http://svnweb.freebsd.org/changeset/doc/40088
Log:
Add an update for November 18th, 2012.
Change some headers so that updates are easier to see.
Fix a case issue (ports -> Ports).
Approved by: core, bcr (mentor, implicit)
Modified:
head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml
Modified: head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml Sun Nov 18 22:54:20 2012 (r40087)
+++ head/en_US.ISO8859-1/htdocs/news/2012-compromise.xml Sun Nov 18 23:02:39 2012 (r40088)
@@ -62,7 +62,8 @@
<ul>
<li><a href="#announce">Announcement</a></li>
- <li><a href="#details">Initial Details</a></li>
+ <li><a href="#update20121118">Update: 18th November 2012</a></li>
+ <li><a href="#details">Initial Details: 17th November 2012</a></li>
<li><a href="#impact">What is the Impact?</a></li>
<li><a href="#done">What has FreeBSD.org done about this?</a></li>
<li><a href="#recommend">Recommendations</a></li>
@@ -70,7 +71,39 @@
<p>More details will be added here as they become available.</p>
- <h2><a name="details">Initial details</a></h2>
+ <h1><a name="update20121118">Update: November 18th, 2012</a></h1>
+
+ <p>Newer portsnap(8) snapshots are once again available. The
+ generation of these had been suspended as part of the infrastructure
+ lockdown, however all machines involved have either been audited or
+ reinstalled and so we are now confident that these can be made
+ available once more.</p>
+
+ <p>The Subversion to CVS exporter is now up and running again.
+ Updates made to the Subversion repository will once again appear in
+ repositories available via csup/CVSup. Please note that the use of
+ these exports are still deprecated, and users are urged to move to
+ one of the supported methods (for example, freebsd-update(8),
+ portsnap(8), or Subversion) in order to obtain updates. Note also
+ that we are still currently unable to guarantee the integrity of
+ past history within the CVS repository, but are confident in the
+ integrity of checkouts from the top-of-tree of each branch.</p>
+
+ <p>Please note that due to infrastructure changes, the first update
+ through either portsnap(8) or csup(1) is likely to show changes to
+ a large number of files. This is nothing to worry about.</p>
+
+ <p>As mentioned in the original announcement, a package set uploaded in
+ preparation for the upcoming FreeBSD 9.1-RELEASE could not be verified,
+ and so was removed. In order to allow system integrators and end
+ users to verify that packages they may have downloaded are not from
+ this set, we have provided files containing both
+ <a href="/news/2012-compromise/sha256.sums.20121118.txt">sha256</a> and
+ <a href="/news/2012-compromise/md5.sums.20121118.txt">md5</a> checksums
+ for all removed packages.</p>
+
+ <h1><a name="details">November 17th, 2012</a></h1>
+ <h2>Initial details</h2>
<p>On Sunday 11th November 2012, two machines within the FreeBSD.org
infrastructure were found to have been compromised. These machines
@@ -177,7 +210,7 @@
<li>If you use the already-deprecated cvsup/csup distribution
mechanisms, you should stop now.</li>
<li>If you were using cvsup/csup for ports, you should switch to
- portsnap(8) right away. ports developers should be using
+ portsnap(8) right away. Ports developers should be using
Subversion already. Further information on preferred mechanisms
for obtaining and updating the ports tree can be found at
<a href="/doc/handbook/ports-using.html">
More information about the svn-doc-head
mailing list