RE: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-19 Thread Leonardo Naranjo
Hola: Por si les interesa, hay una alerta de seguridad en debian. Saludos Leonardo > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Date: Wed, 14 May 2008 11:24:56 +0200 > Subject: [SECURITY] [DSA 1576-1] New openssh packages fix

Re: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-14 Thread CaT
On Wed, May 14, 2008 at 07:33:43PM +0200, Jan Luehr wrote: > >To check all your own keys, assuming they are in the standard > >locations (~/.ssh/id_rsa, ~/.ssh/id_dsa, or ~/.ssh/identity): > > > > ssh-vulnkey > > I took a look at it and found two large blacklist containing lots of key

Re: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-14 Thread Jan Luehr
Hello, Am Mittwoch, 14. Mai 2008 schrieb Florian Weimer: > Package: openssh > Vulnerability : predictable random number generator > Problem type : remote > Debian-specific: yes > CVE Id(s) : CVE-2008-0166 > > The recently announced vulnerability in Debian's openssl package > (DSA-

Re: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-14 Thread CaT
On Wed, May 14, 2008 at 12:17:14PM +0200, Jan Luehr wrote: > > 1. Install the security updates > > > >This update contains a dependency on the openssl update and will > >automatically install a corrected version of the libss0.9.8 package, > >and a new package openssh-blacklist. > > > >

Re: AW: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-14 Thread José Santos
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wolf Tony wrote: | Hi, | | you only need to do | | aptitude install openssh-server | | or | | apt-get install openssh-server | | Best regards | | Tony Wolf | That worked fine. Thank you. Kind regards - -- José Santos [EMAIL PROTECTED] -BEGIN PGP

AW: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-14 Thread Wolf Tony
Betreff: Re: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness Il 14 May 2008, alle 11:02, José Santos ha scritto: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > Fl

Re: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-14 Thread Jan Luehr
Hello, Am Mittwoch, 14. Mai 2008 schrieb Florian Weimer: > Package: openssh > Vulnerability : predictable random number generator > Problem type : remote > Debian-specific: yes > CVE Id(s) : CVE-2008-0166 > 1. Install the security updates > >This update contains a dependency o

Re: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-14 Thread Alvise Belotti
Il 14 May 2008, alle 11:02, José Santos ha scritto: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > Florian Weimer wrote: > | > | Debian Security Advisory DSA-1576-1 [EMAIL PROTECTED] > | http://w

Re: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness

2008-05-14 Thread José Santos
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Florian Weimer wrote: | | Debian Security Advisory DSA-1576-1 [EMAIL PROTECTED] | http://www.debian.org/security/ Florian Weimer | Ma