[cosmo-dev] Debian vulnerability fallout
Travis Vachon
travis.vachon at gmail.com
Wed May 14 16:00:49 PDT 2008
Hi folks
A serious bug with ssl key generation on debian systems was recently
disclosed:
http://lists.debian.org/debian-security-announce/2008/msg00152.html
This effected nearly all of our servers, as we are primarily debian
based. I've gone and updated the appropriate packages and regenerated
host keys on the appropriate servers to limit our vulnerability, but
several loose ends remain.
The most obvious consequence of this change will be a connection
failure from ssh clients as a result of the new host keys. This
problem can be fixed by clearing the appropriate entries in ~/.ssh/
known_hosts or the corresponding file on a windows machine.
Please let me know if you have any questions.
Also, please respond to this message on chandler-dev at osafoundation.org
instead of cross-posting replies.
Thanks,
Travis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.osafoundation.org/pipermail/cosmo-dev/attachments/20080514/84f6f809/attachment.htm
More information about the cosmo-dev
mailing list