[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Fwd: [e-privacy] Debian OpenSSL security flaw



Pessime figure... :-|

--------------------------------

Subject: [e-privacy] Debian OpenSSL security flaw
Date: martedì 13 maggio 2008
From: Marco Bonetti
To: La lista del Progetto Winston Smith <e-privacy@firenze.linux.it>

"Luciano Bello discovered that the random number generator in Debian's
openssl package is predictable.  This is caused by an incorrect
Debian-specific change to the openssl package (CVE-2008-0166).  As a
result, cryptographic key material may be guessable."

http://lists.debian.org/debian-security-announce/2008/msg00152.html

Urgh!
Sembra che il pacchetto bacato sia in giro dal 2006 :-/

______________________________________________
e-privacy mailing list
e-privacy@firenze.linux.it
https://lists.firenze.linux.it/mailman/listinfo/e-privacy

---------------------------------

-- 
Franco
ancora un giorno passa a caccia di denaro / non rido a essere trattato
come schiavo / il mio vestito è nuovo / ma resto il bastardo che ero 
senso dello stato uguale zero  -  Assalti  Frontali,  Banditi,  1996

Attachment: signature.asc
Description: This is a digitally signed message part.


Reply to: