Hi Punky, when I installed my soekris with release 0.4 I was surprised to not see the security.debian.org already in place in sources.list file... Have you planned to add it in new releases? T.
Kim-man 'Punky' Tse wrote: > Hi all, > > It is discovered that the random number generator in Debian's openssl > package is predictable. As a result, cryptographic key material may be > guessable. This vulnerability affects the following Voyage Linux > release that were based on Debian Etch: > > * All 0.3 versions > * All 0.4 versions > * 0.5.0 > > You are strongly advised to perform the following procedures to update > Voyage of the above affected versions. > > 1. Edit /etc/apt/sources.list, add the line: > > deb http://security.debian.org stable/updates main > > 2. Run: > > # apt-get update; apt-get dist-upgrade > > Next, follows the information below to regenerate encryption keys and > detect comprised keys on your affected systems. > > * Debian Security Advisory DSA-1571-1 - > http://www.debian.org/security/2008/dsa-1571 > * SSLKeys on Debian Wiki - http://wiki.debian.org/SSLkeys > * Key Rollover - http://www.debian.org/security/key-rollover/ > > Regards, > Punky > > _______________________________________________ > Voyage-linux mailing list > [email protected] > http://list.voyage.hk/mailman/listinfo/voyage-linux -- Tomaso Dessì - Internet Services Management Tiscali Services S.p.A. - Loc. Sa Illetta, S.S. 195 Km 2,300 - 09122 Cagliari Tel: +39 070.4601.1 Fax: +39 070.4609.563 http://www.tiscaliservices.it () ASCII Ribbon Campaign /\ Against HTML Mail _______________________________________________ Voyage-linux mailing list [email protected] http://list.voyage.hk/mailman/listinfo/voyage-linux
