Reenvio de mensagem:
Date: Wed, 26 Nov 2008 11:08:35 +0000 From: nixCraft Linux Sys Admin Blog <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: nixCraft Linux Sys Admin Blog FreeBSD Kernel Critical Update: arc4random predictable sequence vulnerability Posted: 25 Nov 2008 09:49 AM PST http://www.cyberciti.biz/tips/cve-2008-5162-freebsd-arc4random.html FreeBSD today released a core (kernel) patched to plug "arc4random predictable sequence vulnerability" security hole in its operating systems version 6.x and 7.x stable release. When the arc4random random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random; and it may take up to 5 minutes before arc4random is reseeded with secure entropy from the Yarrow random number generator. All security-related kernel subsystems that rely on a quality random number generator are subject to a wide range of possible attacks. This update has been rated as having important security impact. Read more: FreeBSD Kernel Critical Update: arc4random predictable sequence vulnerability Copyright (c) nixCraft. All Rights Reserved. Support nixCraft when you shop at amazon. Thanks! -- saudações, irado furioso com tudo Linux User 179402/FreeBSD BSD50853/FUG-BR 154 Não uso drogas - 100% "A experiencia ensina que a mulher ideal é sempre a dos outros." (Stanislaw Ponte Preta in "maximas ineditas de tia zulmira") ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
