[ic] Off Topic: Debian OpenSSL vulnerability (affects all debian derivatives such as Ubuntu as well)
Peter
peter at pajamian.dhs.org
Tue May 13 20:52:41 UTC 2008
This is off topic for IC, but it is important enough that I feel it
necessary to spread the word about this one. Basically there is a
vulnerability in the random number generator used in OpenSSL in Debian
and Debian-based Linux distributions. If you have generated a key
either for SSH or SSL or used an SSL key for cryptographic signing on
one of these systems in the past year or two you need to (1) update your
systems to the latest version of OpenSSL, (2) generate new keys and (3)
re-encrypt any encrypted documents you may have.
Relevant links:
http://www.ubuntu.com/usn/usn-612-2
http://lists.debian.org/debian-security-announce/2008/msg00152.html
Peter
More information about the interchange-users
mailing list