[Pkg-openssl-devel] [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Christoph Martin
martin at uni-mainz.de
Wed May 21 12:11:17 UTC 2008
Dirk-Willem van Gulik schrieb:
>
> On May 20, 2008, at 10:41 PM, Christoph Martin wrote:
>
>> Hi Dirk-Willem,
>>
>> Dirk-Willem van Gulik schrieb:
>>> Christoph - will be posting below to debian-security sometime later
>>> today as I am in the middle of check if we move this to a more proper
>>> place. But wanted to give you a heads up - if that helps.
>>
>> Thanks for your input. Please be aware that I just created a svn
>> repository on alioth:
>> svn+alioth://svn.debian.org/svn/pkg-openssl/openssl-blacklist
>>
>> At the moment there is only the basic package from ubuntu.
> Note that I'll leave the tool making for now - just will be focusing on
> getting the actual moduli as complete as possible; and leave the
> generation of shortened derivatives like [1] or the even shorter
> versions made by [2] to the tool makers.
>
> I am more focused on getting known and verifiable input to create '1'.
That woold be very good. I tried to find this out myself but did not yet
find the correct information.
> 1:http://svn.debian.org/viewsvn/pkg-openssl/openssl-blacklist/trunk/blacklist.RSA-1024
>
> 2:http://svn.debian.org/viewsvn/pkg-openssl/openssl-blacklist/trunk/debian/rules
Christoph
--
============================================================================
Christoph Martin, Leiter der EDV der Verwaltung, Uni-Mainz, Germany
Internet-Mail: Christoph.Martin at Verwaltung.Uni-Mainz.DE
Telefon: +49-6131-3926337
Fax: +49-6131-3922856
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20080521/6ad226f3/attachment.pgp
More information about the Pkg-openssl-devel
mailing list