I've just heard about a potential vulnerability in OpenSSL. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743883 for the Debian version of this problem.
In particular, the message states all keys used with vulnerable processes will need to be replaced both in Debian infrastructure and by all users of this package. I'm wondering whether monotone use is affected by this problem. I don't know if it even uses OpenSSL or some other signature mechanism. -- hendrik _______________________________________________ Monotone-devel mailing list Monotone-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/monotone-devel
