On Tue, 2013-04-09 at 13:05 -0500, Karl Schmidt wrote: > I'm getting flagged for http://osvdb.org/72183 On Debian Stable - can't find > where this has been > addressed?
"Flagged" by what? Following the links from that URL leads to http://www.openssh.com/txt/portable-keysign-rand-helper.adv , which quite clearly says: 2. Affected configurations Portable OpenSSH prior to version 5.8p2 only on platforms that are configured to use ssh-rand-helper for entropy collection. [...] Platforms that support /dev/random or otherwise configure OpenSSL with a random number provider are not vulnerable. In particular, *BSD, OS X, Cygwin and Linux are not affected. Regards, Adam -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
