Page 1 of 1
Huge Hole in Linux Found, Leaves Millions Vulnerable
Posted: Fri May 23, 2008 9:48 pm
by MoneyGuyBK
Re: Huge Hole in Linux Found, Leaves Millions Vulnerable
Posted: Fri May 23, 2008 10:00 pm
by uncle_fungus
This is old news:
http://article.gmane.org/gmane.linux.de ... ounce/1614
It only affects Debian and derived distros (like ubuntu), since it was their distro-specific alteration of OpenSSL that caused the bug, and was patched as soon as it was discovered.
Moved to General non-FAH. -UF
Re: Huge Hole in Linux Found, Leaves Millions Vulnerable
Posted: Fri May 23, 2008 10:03 pm
by MoneyGuyBK
What a relief.....
Thanx UF for the quick reply.
Peace
Re: Huge Hole in Linux Found, Leaves Millions Vulnerable
Posted: Fri May 23, 2008 10:09 pm
by uncle_fungus
The vulnerability is likely not to affect desktop users anyway, since most applications that use OpenSSL are server or remote access applications. If you use SSH, you'll want to regenerate your keys though.
See this page for details on affected apps and how to perform the key rollover:
http://www.debian.org/security/key-rollover/
Applications like Firefox (Iceweasel on Debian) aren't affected as they use a different crypto library.
