[dundee] OpenSSL vulnerability in Debian Systems

gordon dunlop astrozubenel at googlemail.com
Thu May 15 22:49:20 BST 2008


An OpenSSl vulnerability has been found in Debian systems and their
derivatives which affects SSH keys, OpenVN keys, DNSSEC keys and
session keys used in SSL/TLS connections:

http://www.itwire.com/content/view/18213/1154/

http://blog.thedebianuser.org/?p=307

This means that new SSH keys etc have to be generated. It probably
affects thousands of servers around the globe. The Administrators of
the UK LUG server has wiped all SSH keys for every LUG so that new
keys for Debian systems can be regenerated, they are not taking any
chances. Fortunately I use Fedora, I don't have to regenerate my SSH
key, all I have to do is put it back on the server.

Gordon



More information about the dundee mailing list