On 15/12/13 22:10, Robert Millan wrote:
> Perhaps we should just disable Via chipset from sys/dev/random/probe.c.
> Would this be a terrible loss for a Technology Preview release?
>From reading upstream's Errata Note[0], they have more or less done this
and disabled the hardware providers of /dev/{,u}random in stable/8 and
stable/9 by default.
[0]: http://security.freebsd.org/advisories/FreeBSD-EN-14:01.random.asc
Only the new code in kfreebsd/10 will be able to use the output of those
RNGs safely, probably feeding them into Yarrow as a potential extra
source of 'some' usable additional entropy.
VIA RNGs were enabled in 9.1 kernels, Intel Bull Mountain in 9.2, and
both in 8.4. Thankfully wheezy's 9.0 and 8.3 kernels had not enabled
either of those RNGs yet. Only kernels in jessie/sid (and before that,
experimental) have been potentially affected.
Regards,
--
Steven Chamberlain
ste...@pyro.eu.org
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/52d5ab5f.10...@pyro.eu.org
