Debian-based OpenSSL keys -- vulnerable to attack?
tjc at wintrmute.net
Thu May 22 06:05:38 BST 2008
On Wed, May 21, 2008 at 09:50:31PM -0700, Jonathan Lloyd wrote:
> I received a message from the Association for Computing and Machinery saying
> that any SSL key generated on a Debian system since May of 2006 could be
> vulnerable to attack. Seems kind of important -- assuming it is legitimate.
> - http://www.technologyreview.com/Infotech/20801/
> - http://blogs.zdnet.com/security/?p=1102
Debian screwed up badly.
More information about the london.pm