News Profile Code Photography Looking Glass Projects System Statistics Uncategorized
Present Location: News >> Blog >> Debian OpenSSL Vulnerability

Blog
> Debian OpenSSL Vulnerability
Posted by prox, from Charlotte, on May 13, 2008 at 14:56 local (server) time

It's not good when you see stuff like this pop up on IRC:

13:41 < unprompted> Throw out your ssh keys, debian users.

The official announcement:

Luciano Bello discovered that the random number generator in Debian's openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable.

Good thing my SSH keys were generated on a Gentoo system… I think.

> Add Comment

New comments are currently disabled for this entry.

XHTML 1.0 ValidCSS ValidRSS 2.0Powered by FreeBSDIPv4 This HTML for this page was generated in 0.001 seconds.