MobileRead Forums - View Single Post

mojojojo · 05-16-2008, 04:19 AM

Hi!

As I understand it, this vmware image was built on debian. Is the openssl library installed on it, and is it one of the versions affected by the recent debian openssl critical security flaw?
I'm referring to
http://www.debian.org/security/2008/dsa-1571

In short, what the above link says, is that on debian linux distributions any public keys generated by the flawed openssl library is easily predicted, and unfortunately the flawed openssl version has been in production since late 2006, I believe.

05-16-2008, 04:19 AM	#52
mojojojo Junior Member Posts: 5 Karma: 10 Join Date: Dec 2007 Device: Irex Iliad	Debian openssl security flaw relevance Hi! As I understand it, this vmware image was built on debian. Is the openssl library installed on it, and is it one of the versions affected by the recent debian openssl critical security flaw? I'm referring to http://www.debian.org/security/2008/dsa-1571 In short, what the above link says, is that on debian linux distributions any public keys generated by the flawed openssl library is easily predicted, and unfortunately the flawed openssl version has been in production since late 2006, I believe.