ssh-vulnkey -a
Yesterday, 13 May 2008, was a really bad day for the Debian project, probably one of the worst days in the history of Debian. Luciano Bello discovered that the random number generator in Debian’s openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable.
Systems which are running any of the following releases are affected :
- Debian 4.0 (etch):
http://www.debian.org/security/2008/dsa-1571 - Ubuntu 7.04 (Feisty), 7.10 (Gutsy), 8.04 LTS (Hardy):
http://www.ubuntu.com/usn/usn-612-1 - and other debian etch based distros.
Tags: debian-etch, openssl, ssh






