[Voyage-linux] Debian Security Advisory DSA-1571-1 openssl
Tom
(spam-protected)
Mon May 19 17:41:36 HKT 2008
Hi Punky,
when I installed my soekris with release 0.4 I was surprised to not see
the security.debian.org already in place in sources.list file...
Have you planned to add it in new releases?
T.
Kim-man 'Punky' Tse wrote:
> Hi all,
>
> It is discovered that the random number generator in Debian's openssl
> package is predictable. As a result, cryptographic key material may be
> guessable. This vulnerability affects the following Voyage Linux
> release that were based on Debian Etch:
>
> * All 0.3 versions
> * All 0.4 versions
> * 0.5.0
>
> You are strongly advised to perform the following procedures to update
> Voyage of the above affected versions.
>
> 1. Edit /etc/apt/sources.list, add the line:
>
> deb http://security.debian.org stable/updates main
>
> 2. Run:
>
> # apt-get update; apt-get dist-upgrade
>
> Next, follows the information below to regenerate encryption keys and
> detect comprised keys on your affected systems.
>
> * Debian Security Advisory DSA-1571-1 -
> http://www.debian.org/security/2008/dsa-1571
> * SSLKeys on Debian Wiki - http://wiki.debian.org/SSLkeys
> * Key Rollover - http://www.debian.org/security/key-rollover/
>
> Regards,
> Punky
>
> _______________________________________________
> Voyage-linux mailing list
> Voyage-linux at list.voyage.hk
> http://list.voyage.hk/mailman/listinfo/voyage-linux
--
Tomaso Dessì - Internet Services Management
Tiscali Services S.p.A. - Loc. Sa Illetta, S.S. 195 Km 2,300 - 09122 Cagliari
Tel: +39 070.4601.1
Fax: +39 070.4609.563
http://www.tiscaliservices.it
() ASCII Ribbon Campaign
/\ Against HTML Mail
More information about the Voyage-linux
mailing list