[Wlug] Debian/*ubuntu security bug and a question...
Theo Van Dinter
felicity at kluge.net
Thu May 15 10:39:51 EDT 2008
On Thu, May 15, 2008 at 10:32:32AM -0400, Brian A. Dewhirst wrote:
> I'm afraid my head spins a bit when I try to make sense of what
> corrective measures should be taken... has Ubuntu already rolled out a
> bug fix which will take care of the problem? If not, what needs to be
> done to fix my machine?
In short if you've generated any keys with OpenSSL (ie: certificates,
ssh keys, etc,) on Debian or its derivatives at anytime in at least the
last 2 years, you will want to regenerate them after you upgrade to the
fixed version.
Updating will solve the weak key generation issue, but not do anything about
the already generated keys in use.
--
Randomly Selected Tagline:
Leela: "Great. We're two days from earth with no food."
Bender: "Problem solved. You two fight to the death and I'll cook the
loser."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.wlug.org/pipermail/wlug/attachments/20080515/ee146561/attachment.bin
More information about the Wlug
mailing list