[Voyage-announce] Debian Security Advisory DSA-1571-1 openssl
Kim-man 'Punky' Tse
punkytse at punknix.com
Sun May 18 17:38:29 HKT 2008
Hi all,
It is discovered that the random number generator in Debian's openssl
package is predictable. As a result, cryptographic key material may be
guessable. This vulnerability affects the following Voyage Linux
release that were based on Debian Etch:
* All 0.3 versions
* All 0.4 versions
* 0.5.0
You are strongly advised to perform the following procedures to update
Voyage of the above affected versions.
1. Edit /etc/apt/sources.list, add the line:
deb http://security.debian.org stable/updates main
2. Run:
# apt-get update; apt-get dist-upgrade
Next, follows the information below to regenerate encryption keys and
detect comprised keys on your affected systems.
* Debian Security Advisory DSA-1571-1 -
http://www.debian.org/security/2008/dsa-1571
* SSLKeys on Debian Wiki - http://wiki.debian.org/SSLkeys
* Key Rollover - http://www.debian.org/security/key-rollover/
Regards,
Punky
More information about the Voyage-announce
mailing list