[Tfug] Debian SSH vulnerability
Claude Rubinson
rubinson at u.arizona.edu
Tue May 13 17:37:56 MST 2008
On Tue, May 13, 2008 at 05:22:35PM -0700, William Stott wrote:
> No central patch management system for Debian?
The problem is that user-generated keys may be weak. No way to
provide a central fix for that.
This is one of the most serious security problems that Debian's had in
its history and affects SSL, SSH, VPN, DNSSEC, etc. Basically,
anything that makes use of OpenSSL.
Claude
More information about the tfug
mailing list