Critical OpenSSL vulnerability in Debian and derivated distributions.

May 14, 2008

Author: JT Smith

Debian and Ubuntu published fixed packages of the OpenSSL software and urge all users to install them in order to bypass a critical weakness in this software.Luciano Bello, discovered that the random generator in Debian’s openssl package is predictable. It causes serious consequences to all cryptographic material generated by the vulnerable versions of OpenSSL.

It could be easy to guess the encryption key by applying a brute force attack.

Only Debian, Ubuntu and their derivated distributions have reported this weakness in OpenSSL.

Please browse WAHIL.net to get a further reading about it as well as to download fixed packages of OpenSSL.

Visit Debian and Ubuntu for updates on it and for download fixed versions of OpenSSL.

Link: wahil.net

Category:

Security

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR