Hello, Am Mittwoch, 14. Mai 2008 schrieb Florian Weimer: > Package : openssh > Vulnerability : predictable random number generator > Problem type : remote > Debian-specific: yes > CVE Id(s) : CVE-2008-0166
> 1. Install the security updates > > This update contains a dependency on the openssl update and will > automatically install a corrected version of the libss0.9.8 package, > and a new package openssh-blacklist. > > Once the update is applied, weak user keys will be automatically > rejected where possible (though they cannot be detected in all > cases). It might be helpful to know, in what cases weak keys can / cannot be detected. Keep smiling yanosz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
