OpenSSH vulnerability (Ubuntu and Debian hit)
Anthony Boynes
aboynes at gmail.com
Tue May 13 10:49:35 MST 2008
These urls should also be looked at.
http://www.ubuntu.com/usn/usn-612-2
http://www.debian.org/security/2008/dsa-1571
On Tue, May 13, 2008 at 10:37 AM, Carlos Macedo Gomes
<powerofprimes at gmail.com> wrote:
> Apologies if this has already vectored through your radar. A problem
> has surfaced with Debian and Ubuntu related to the PRN in OpenSSL (and
> therefore the keys in OpenSSH, OpenSSL, SSL, etc). Scope is limited
> to Debian and Ubuntu systems but the problem appears to have been
> around for a couple years.
>
> Ubuntu advisory is here:
> http://www.ubuntu.com/usn/usn-612-1
>
> Here's a (rantish) writeup on the *raison d'etre*:
> http://www.links.org/?p=327
>
> Check your primes...
>
> ymmv,
> C.G.
>
> --
> powerofprimes at gmail.com
> Carlos Macedo Gomes
> _sic itur ad astra_
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
More information about the PLUG-discuss
mailing list