[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DSA 1571-1] Heimdal

Apparently, Heimdal in Debian also is affected. I am not aware of any solution other then to manually regenerate all keys.

Brian May
--- Begin Message ---
I strongly advise all readers of this list that use Debian or might have
users in your realm (or any realms for which cross-realm key exchange as
been performed) to read:


This vulnerability will effect any Heimdal distribution built using any
Debian package of OpenSSL version 0.9.8c-1 or higher.

All long term keys that were generated with this version of OpenSSL
and are not derived from a password MUST be changed.

Any short term keys that are generated from a vulnerable KDC should be
considered suspect.

Jeffrey Altman

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

--- End Message ---

Reply to: