[COLUG] Fwd: SERIOUS: Debian/Ubuntu OpenSSL/SSH/VPN
KeyVulnerability
Austin Godber
godber at uberhip.com
Tue May 13 17:30:44 EDT 2008
On May 13, 2008, at 1:59 PM, Warner Moore wrote:
>> -----Original Message-----
>> From: colug432-bounces at colug.net
>> [mailto:colug432-bounces at colug.net] On Behalf Of Austin Godber
>> Sent: Tuesday, May 13, 2008 1:54 PM
>> To: Central OH Linux User Group
>> Subject: [COLUG] Fwd: SERIOUS: Debian/Ubuntu OpenSSL/SSH/VPN
>> KeyVulnerability
>>
>>>
>>> A serious vulnerability related to OpenSSL, OpenSSH and
>> OpenVPN has
>>> just materialized:
> <snip>
>
> It's notable that this vulnerability is a result of changes to
> OpenSSL by a Debian package maintainer.
>
> From what I understand, it only affects Debian and Ubuntu.
Anything derived from Debian during that period yes.
The bug report that caused the problem was here:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=363516
Austin
More information about the colug432
mailing list