Knowledge Base::DBSA:2013-0004

From Digibase Knowledge Base
Revision as of 02:37, 15 June 2013 by Kradorex Xeron (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

DBSA ID: 2013-0004

Regarding: Debian-Multimedia repository potential for compromise

Writeup: Kradorex Xeron (talk) 02:23, 15 June 2013 (EDT)

Date: 2013 06 15

Last Modified: 20130615023737 by Kradorex Xeron

Who should take note: Debian (and derivative) Users and System Administrators



Priority: HIGH

Rationale: The domain name may be misused at any point to attempt to hijack the systems updating against the repository.

Severity: LOW

Rationale: There has been no observed impact, but the network hosting the current '' domain is a potential risk for misuse of the domain name.

Spread of Issue: LIMITED MEDIUM

Rationale: Considering that 'debian-multimedia' is not a core repository of Debian installations and most derivatives thereof, the spread does not qualify for a "HIGH" rating, but is increased due to the high usage of the packages serviced by the repository.


The domain name that supports a widely used unofficial software repository, 'debian-multimedia' has had its domain name taken over by a party unrelated to the Debian project in any official or unofficial capacity. The project has thus moved to the domain name

Technical Details

There is no technical details to discuss in this advisory.


Those affected are advised to visit and install the new location of the repository and remove the old, '' repository from apt configuration.

It is advised to treat the '' domain name as compromised and audit for any transfers performed.


Personal tools