[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FWD: [SECURITY] [DSA 1571-1] New openssl packages fix predictablerandom number generator

To: heimdal-discuss@sics.se
Subject: FWD: [SECURITY] [DSA 1571-1] New openssl packages fix predictablerandom number generator
From: Jeffrey Altman <jaltman@secure-endpoints.com>
Date: Tue, 13 May 2008 09:12:18 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=simple;d=secure-endpoints.com; s=MDaemon; t=1210684345; x=1211289145;q=dns/txt; h=DomainKey-Signature:Received:Message-ID:Date:From:Organization:User-Agent:MIME-Version:To:Subject:OpenPGP:Content-Type:Reply-To; bh=hbwTXP5t0R7w17v9a5EoZNvsX0Jd6cwlEC7gX1YNq4c=; b=eOQAz7/X683VghbAVbfk2x2CkahuZKz6yypj9CaNFzy2MAI2bSuh85cUiynciwULqzzFVZK6GeFoDogqe9YMXse0cDtw6Xe6rADDINAnCY5ZqH30wlsQTigs98m8nw+XiWDZ/hVAQeJZtMBcpCapj1BoU1osn/A9qgWNnm8A3ic=
DomainKey-Signature: a=rsa-sha1; s=MDaemon; d=secure-endpoints.com;c=simple; q=dns; h=message-id:from;b=q+xlsfXj3GoM+aoWJ5bvgG4LpObWi/iRPe9AT5IGN/3ROJZJoqclRiv2TqjTR3Ieu11wFDuaXnVyYHLBml/egWK+Nq9V+JeEAmUu8j1RlyynIXsJsmeETMyTAldn9gtBisjUO6MO1sehhSgpBATlUGVdbFDrfvD2iVCF7ZPhASc=;
List-Archive: <http://list.sics.se/sympa/arc/heimdal-discuss>
List-Help: <mailto:sympa@sics.se?subject=help>
List-Id: <heimdal-discuss.sics.se>
List-Owner: <mailto:heimdal-discuss-request@sics.se>
List-Post: <mailto:heimdal-discuss@sics.se>
List-Subscribe: <mailto:sympa@sics.se?subject=subscribe%20heimdal-discuss>
List-Unsubscribe: <mailto:sympa@sics.se?subject=unsubscribe%20heimdal-discuss>
OpenPGP: url=http://pgp.mit.edu
Organization: Secure Endpoints Inc.
Reply-To: heimdal-discuss@sics.se, Jeffrey Altman <jaltman@secure-endpoints.com>
User-Agent: Thunderbird 2.0.0.14 (Windows/20080421)

I strongly advise all readers of this list that use Debian or might have
users in your realm (or any realms for which cross-realm key exchange as
been performed) to read:

http://lists.debian.org/debian-security-announce/2008/msg00152.html

This vulnerability will effect any Heimdal distribution built using any
Debian package of OpenSSL version 0.9.8c-1 or higher.

All long term keys that were generated with this version of OpenSSL
and are not derived from a password MUST be changed.

Any short term keys that are generated from a vulnerable KDC should be
considered suspect.

Jeffrey Altman

S/MIME Cryptographic Signature

Prev by Date: RE: ksu error
Next by Date: =?BIG5?B?oqiiqUE9PT0gpFSzcadBt8ezxqZupEa23D8/Pz8/ID09?= =?BIG5?B?PT09PT09PaKoofggPqG5obkjL6HRPKG6obslobmhuaKpob0=?=
Prev by thread: Kurumsal kimlikte kampanya...
Next by thread: =?BIG5?B?oqiiqUE9PT0gpFSzcadBt8ezxqZupEa23D8/Pz8/ID09?= =?BIG5?B?PT09PT09PaKoofggPqG5obkjL6HRPKG6obslobmhuaKpob0=?=
Index(es):
- Date
- Thread