[rt.admin.canonical.com #124242] Re: Malicious package in the archive [training]
Eduardo Barretto
eduardo.barretto at canonical.com
Thu Feb 13 17:11:40 UTC 2020
Escalating this a little further.
We need to get the malicious package removed from the archive.
jk0ne already on this.
PS: TESTING PURPOSE
On Thu, Feb 13, 2020 at 04:46:09PM +0000, eduardo.barretto at canonical.com via RT wrote:
> CCing archive admins
>
> PS: training purpose
>
> On Thu, Feb 13, 2020 at 04:39:48PM +0000, The default queue via RT wrote:
> > ** This is an auto reply. **
> >
> > Canonical IS has received your message. Your ticket has been assigned
> > an ID of #124242. We will process your ticket as quickly as possible.
> >
> > Please include the following text in the subject line of all future
> > correspondence about this issue: [rt.admin.canonical.com #124242]
> >
> > You may also reply to this message.
> >
> > Once the ticket has been triaged, you can check the status of your request
> > by visiting the link below:
> > https://portal.admin.canonical.com/124242
> >
> >
> > Thank you,
> > Canonical IS
> >
> > ----- Original Message -----
> >
> > Hey IS,
> >
> > At 13:29 (GMT-2) we found a malicious code in a package that was recently
> > uploaded to the archive.
> >
> > Impact: a new deb package
> > (hello - https://launchpad.net/ubuntu/+source/hello/2.10-1build2) was uploaded
> > to the archive and it contains malicious code. This affects all users running
> > Bionic and we are considering it to be critical.
> > Severity: Critical
> > Release: bionic only
> >
> > @Mark, can you escalate this issue?
> >
> >
> > Please escalate this accordingly:
> > https://wiki.canonical.com/UbuntuEngineering/DealingWithCrisis
> >
> > Eduardo
> >
> >
> > PS: training purpose
> > https://wiki.canonical.com/UbuntuEngineering/Security/ttx
> >
>
>
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-archive/attachments/20200213/36fe6880/attachment.sig>
More information about the ubuntu-archive
mailing list