[Pkg-openssl-devel] Bug#469554: Bug#469554: openssl: Overflow bug in SSL key generation
Kurt Roeckx
kurt at roeckx.be
Wed Mar 5 22:03:41 UTC 2008
merge 449553 469554
thanks
On Wed, Mar 05, 2008 at 03:07:49PM -0600, John Goerzen wrote:
> Package: openssl
> Version: 0.9.8g-3
> Severity: normal
>
> I generated an SSL key with req -x509 -days 20000
>
> The resulting key expired in 1926, but was valid starting today.
>
> Something ought to warn about that!
>
> -- System Information:
> Debian Release: lenny/sid
> APT prefers unstable
> APT policy: (500, 'unstable'), (99, 'experimental')
> Architecture: i386 (i686)
>
> Kernel: Linux 2.6.22-3-686 (SMP w/2 CPU cores)
> Locale: LANG=C, LC_CTYPE=en_US (charmap=ISO-8859-1)
> Shell: /bin/sh linked to /bin/bash
>
> Versions of packages openssl depends on:
> ii libc6 2.7-5 GNU C Library: Shared libraries
> ii libssl0.9.8 0.9.8g-3 SSL shared libraries
> ii zlib1g 1:1.2.3.3.dfsg-8 compression library - runtime
>
> openssl recommends no packages.
>
> -- no debconf information
>
>
>
> _______________________________________________
> Pkg-openssl-devel mailing list
> Pkg-openssl-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-openssl-devel
More information about the Pkg-openssl-devel
mailing list