[QCLUG] Virus in Ubuntu

[Steve Langasek]

On Thu, May 15, 2008 at 07:55:16AM -0500, Robert Jones wrote:
>> Take it seriously. If you're running Debian or Ubuntu (or a derivative
>> thereof based on something newer than sarge/edgy), follow the directions in
>> the security advisories to get your system updated and generate new host and
>> user keys to replace any vulnerable ones.  If you have a DSA SSH key (not
>> the default) that you've used to *authenticate* to/from a host affected by
>> this issue, consider that this key may be compromised and replace it even if
>> it was not generated on a vulnerable system.

> It's all Greek to me. I can only understand a little of this post as I  
> don't know most of the terms used. I have just installed Ubuntu 8.04 on  
> a formatted drive. The only thing that is encrypted is my password and  
> wallet as far as I know. I haven't encrypted my drives or any files.
> Is this something I should be concerned about? Should I be taking action  
> to change something or will an update from Ubuntu take care of it for me?
> Thanks for the information.

If you've already applied the update, then your own system is now secure.
The rest of the information is for folks who run their own servers or who
have their own SSH keys that they use for connecting to other machines; if
you don't know what this means, then it almost certainly doesn't apply to
you and you can rest easy.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org