Hi all,
It is discovered that the random number generator in Debian's openssl
package is predictable. As a result, cryptographic key material may be
guessable. This vulnerability affects the following Voyage Linux
release that were based on Debian Etch:
* All 0.3 versions
* All 0.4 versions
* 0.5.0
You are strongly advised to perform the following procedures to update
Voyage of the above affected versions.
1. Edit /etc/apt/sources.list, add the line:
deb http://security.debian.org stable/updates main
2. Run:
# apt-get update; apt-get dist-upgrade
Next, follows the information below to regenerate encryption keys and
detect comprised keys on your affected systems.
* Debian Security Advisory DSA-1571-1 -
http://www.debian.org/security/2008/dsa-1571
* SSLKeys on Debian Wiki - http://wiki.debian.org/SSLkeys
* Key Rollover - http://www.debian.org/security/key-rollover/
Regards,
Punky
_______________________________________________
Voyage-linux mailing list
[email protected]
http://list.voyage.hk/mailman/listinfo/voyage-linux
