Critical security vulnerability in debian openssl package
Debians security advisory has reported a critical security issue with debian-based openssl packages.
As a result,generated keys might be weak and breakable, since the random number generator appears to have created predictable results.
The exact nature of this predictability was not made public by now, but it is strongly recommendet to regenerate keys created with kryptographic tools affected by the issue and to re-enroll all corresponding certificates.
Note that his issue affects all debian-based systems, including ubuntu 8.04.
Source: http://lists.debian.org/debian-security-announce/2008/msg00152.html
Seems i’ll have a somewhat busy weekend.
This entry was posted on Wednesday, May 14th, 2008 at 10:44. Posted in: System engineering, debian 4, ubuntu. You can follow any responses to this entry through the RSS 2.0feed. You can leave a response, or trackback from your own site.
