[Pkg-openssl-devel] [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Christoph Martin
martin at uni-mainz.de
Tue May 20 15:56:56 UTC 2008
Hi Alberto,
Alberto Gonzalez Iniesta schrieb:
> The package is being build by its original author (Jamie) and everything
> got started when the OpenVPN maintainer (me) decided to add secret/key
> file validation like the one on the Ubuntu package. Since those
> validations required open(ssl|vpn)-blacklist packages, I contacted with
> Jamie and Kees from Ubuntu and Debian's Security Team.
So, you are building openvpn-blacklist and openssl-blacklist for Debian?
If you are also building openssl-blacklist, please cc all messages about
it to pkg-openssl-devel at lists.alioth.debian.org, so that we have a
chance to participate.
It would have been nice to hear earlier from you, because I am just in
the process of building a openssl-blacklist package myself too. I did an
ITP and wanted to upload the package to unstable soon.
At the moment it is just the ubuntu package with the depends and
maintainer changed. It only includes the 1024 and 2048 RSA keys. The
goal should be to have eventually a package containing all the
vulnerable key hashes up to 4096bits and with the variations which come
in if you are on 32bit or 64bit, little or big endian, if you have .rnd
or not, etc.
Christoph
--
============================================================================
Christoph Martin, Leiter der EDV der Verwaltung, Uni-Mainz, Germany
Internet-Mail: Christoph.Martin at Verwaltung.Uni-Mainz.DE
Telefon: +49-6131-3926337
Fax: +49-6131-3922856
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20080520/e38185e0/attachment.pgp
More information about the Pkg-openssl-devel
mailing list