If you are running a current kernel r273872 or later, please upgrade
your kernel to r278907 or later immediately and regenerate keys.
I discovered an issue where the new framework code was not calling
randomdev_init_reader, which means that read_random(9) was not returning
good random data. read_random(9) is used by arc4random(9) which is
the primary method that arc4random(3) is seeded from.
This means most/all keys generated may be predictable and must be
regenerated. This includes, but not limited to, ssh keys and keys
generated by openssl. This is purely a kernel issue, and a simple
kernel upgrade w/ the patch is sufficient to fix the issue.
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"