From: Chris Larsen
To: freebsd-security@freebsd.org
Date: Thu, 14 Aug 2003 02:22:25 +0200
Message-ID: <20030814002225.GH436@endor.vader.dk>
Subject: NOTICE: [CERT Advisory CA-2003-21 GNU Project FTP Server Compromise]

Hi All

As many may have noticed the GNU Project's FTP server had been compromised
as outlined in this CERT advisory[1].

I felt the urge to quickly hack together a small perl script to check my
distfiles against the published md5 sums from FSF.

Using this file as reference: ftp://ftp.gnu.org/before-2003-08-01.md5sums.asc
(Check and Verify the PGP signature ![1])

[1] Full CERT advisory : http://www.cert.org/advisories/CA-2003-21.html

-*-*-*-

Attached is a gzipped perl program to check ports/distfiles GNU archives
against the above file and indicate OK or WARNING status.

This script is provided in hope that people may find it useful.

PS: I know already now it has some shortcomings and is not fully regression
tested, but it fulfilled my purposes.

-- 
Chris Larsen

"Make something idiot proof, and someone will invent a better idiot."
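
The check described in the message above, as an added example: this is not the attached Perl script (which is not on this page) but a separate Python sketch of the same idea, reporting OK or WARNING per distfile. It assumes the reference list holds md5sum(1)-style lines ("digest  path") inside the clearsigned file and matches archives by basename; the function names and sample data are hypothetical, and the PGP signature still has to be verified separately with gpg before the list is trusted.

```python
import hashlib
import os
import re
import tempfile

# Assumed list format, md5sum(1) style: 32 hex digits, whitespace, optional '*', path.
LINE_RE = re.compile(r"^([0-9a-fA-F]{32})\s+\*?(\S.*)$")

def load_reference(text):
    """Map archive basename -> set of published MD5 digests.
    Armor and "Hash:" lines do not match LINE_RE; the signature is NOT verified here."""
    ref = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ref.setdefault(os.path.basename(m.group(2)), set()).add(m.group(1).lower())
    return ref

def md5_of(path, bufsize=1 << 20):
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(bufsize), b""):
            h.update(chunk)
    return h.hexdigest()

def check_distfiles(distdir, ref):
    """Return {filename: "OK" | "WARNING" | "UNLISTED"} for regular files in distdir."""
    results = {}
    for name in sorted(os.listdir(distdir)):
        path = os.path.join(distdir, name)
        if os.path.isfile(path):
            listed = ref.get(name)  # None: the list has no entry, so no verdict
            results[name] = ("UNLISTED" if listed is None else
                             "OK" if md5_of(path) in listed else "WARNING")
    return results

def demo():  # constructed sample: three fake archives and a fake clearsigned list
    files = {"foo-1.0.tar.gz": b"pristine", "bar-2.0.tar.gz": b"modified",
             "baz-3.0.tar.gz": b"unlisted"}
    good = hashlib.md5(b"pristine").hexdigest()
    listing = ("-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n"
               f"{good}  ./gnu/foo/foo-1.0.tar.gz\n{'0' * 32}  ./gnu/bar/bar-2.0.tar.gz\n")
    with tempfile.TemporaryDirectory() as d:
        for name, data in files.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        return check_distfiles(d, load_reference(listing))

if __name__ == "__main__":
    print(demo())
```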