Security breach delays Gnome 2.6 release

An intrusion by a 'dumb cracker' may set back the release of the latest version of the open-source Gnome desktop environment

A security breach is likely to delay for several days today's scheduled release of the next version of the popular Gnome open source desktop environment, a member of the release team said. Jeff Waugh, the head beekeeper of the Gnome Release Team and the director of the Gnome Foundation Board, has confirmed that a security breach of the Gnome Web server is "likely to delay the release [of Gnome 2.6]…however we have not made that decision officially yet." He told ZDNet Australia the delay was likely to be about a week.

Last night, Owen Taylor released a statement on behalf of the Gnome sysadmin team via their newsgroup that an intrusion had been made.

This morning Waugh claimed that the intrusion was "not that serious" and that it seemed unlikely that the central code repository was touched by the intrusion. It is understood that the Gnome forensic team are currently investigating the compromise further, with an official announcement due afterwards.

According to Waugh, the Gnome Web servers that are hosted by Red Hat were compromised by "a dumb cracker who probably didn't realise what they got into."

Gnome is a popular desktop suite and development platform for Unix and Linux systems included in major Linux distributions of Suse, Sun's Java Desktop System and Red Hat. It is also used on the Solaris UNIX environment.