On mar, 2008-05-13 at 23:39 -0300, Henrique de Moraes Holschuh wrote: > > It is probably worth a lot of effort to fully map the entire set of > keys > the broken openssl could generate, and find a very fast way to check > if > a key belong to that set. And add that to openssl upstream (to > automatically fail any verification done using such keys). Ubuntu apparently made it. See http://www.ubuntu.com/usn/usn-612-2 -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part