[Pkg-openssl-devel] Bug#732710: openssl: rdrand should be disabled by default

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Dec 20 14:38:19 UTC 2013


Package: openssl
Version: 1.0.1e-4
Severity: normal
Tags: patch
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu trusty ubuntu-patch




OpenSSL uses rdrand exclusively if it is available.

http://seclists.org/fulldisclosure/2013/Dec/99
http://wiki.openssl.org/index.php/Library_Initialization#ENGINEs_and_RDRAND

Upstream has changed this behaviour.


In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/no_default_rdrand.patch: Don't use rdrand engine as
    default unless explicitly requested.


Thanks for considering the patch.


-- System Information:
Debian Release: wheezy/sid
  APT prefers saucy-updates
  APT policy: (500, 'saucy-updates'), (500, 'saucy-security'), (500, 'saucy-proposed'), (500, 'saucy'), (100, 'saucy-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.11.0-15-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssl_1.0.1e-4ubuntu4.debdiff
Type: text/x-diff
Size: 1588 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20131220/1a53b1a0/attachment.diff>

