[Pkg-openssl-devel] [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

[Christoph Martin]

Hi Kees,

Kees Cook schrieb:
> 
> Hi!  Yes, I was intending to do an upload -- sorry for the lack of
> coordination.  Things have been rather hectic.  Jamie Strandboge has
> updates to the scripts and the blacklists (which we are publishing to
> Ubuntu stable security updates shortly).
> 
>> At the moment it is just the ubuntu package with the depends and
>> maintainer changed. It only includes the 1024 and 2048 RSA keys. The
>> goal should be to have eventually a package containing all the
>> vulnerable key hashes up to 4096bits and with the variations which come
>> in if you are on 32bit or 64bit, little or big endian, if you have .rnd
>> or not, etc.
> 
> Certainly.  I'd like to split "openssl-blacklist" binary package
> (default key sizes) from "openssl-blacklist-extra" (uncommon key sizes),
> as has been done in openssh-blacklist.
> 
> Is there already a svn for openssl-blacklist?  If I could be added to
> that project ('keescook-guest' on alioth) and the Uploaders list, I'd be
> happy to help with the package, and help get Jamie's changes into Debian.

We have an pkg-openssl repository on alioth. I just checked in the
original Ubuntu 0.1 version to
svn+alioth://svn.debian.org/svn/pkg-openssl/openssl-blacklist.

If you sent me your alioth username in a pgp signed message I will
enable the svn access for you.

Christoph

-- 
============================================================================
Christoph Martin, Leiter der EDV der Verwaltung, Uni-Mainz, Germany
 Internet-Mail:  Christoph.Martin at Verwaltung.Uni-Mainz.DE
  Telefon: +49-6131-3926337
      Fax: +49-6131-3922856

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20080520/aa27dfba/attachment.pgp