[e-privacy] Debian OpenSSL security flaw
Marco Bonetti
marco.bonetti at slackware.it
Tue May 13 19:02:39 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"Luciano Bello discovered that the random number generator in Debian's
openssl package is predictable. This is caused by an incorrect
Debian-specific change to the openssl package (CVE-2008-0166). As a
result, cryptographic key material may be guessable."
http://lists.debian.org/debian-security-announce/2008/msg00152.html
Urgh!
Sembra che il pacchetto bacato sia in giro dal 2006 :-/
- --
Marco Bonetti
Slackintosh Linux Project Developer: http://workaround.ch/
Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/
My webstuff: http://sidbox.homelinux.org/
My GnuPG key id: 0x86A91047
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIKcmuE3eWALCzdGwRAmAiAJ4lOn8ciBZlwwZYpv4gKbg1u0cSQACeOYFA
UTtH35UtM3JhqG1s+xs2lko=
=v2Dt
-----END PGP SIGNATURE-----
More information about the E-privacy
mailing list