OpenSSL random number generator flaw (CVE-2008-0166)

Josh's Blog

Tuesday, May 13. 2008

OpenSSL random number generator flaw (CVE-2008-0166)

A flaw was discovered in a third-party vendor patch to the OpenSSL library which affected random number generator seeding (CVE-2008-0166). This patch has never been used by Red Hat, and this issue does not affect any Fedora, Red Hat, or upstream supplied OpenSSL packages.

Any cryptographic keys or encrypted data generated on a system using a distribution which was affected may be predictable and should be replaced. Affected vendors will be publishing advisories and advice on how to do this.
Posted by Josh Bressers in Security at 13:25 | Comments (0) | Trackbacks (0)

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA 1CAPTCHA 2CAPTCHA 3CAPTCHA 4CAPTCHA 5


BBCode format allowed
 
 

Calendar

Back November '08
Sun Mon Tue Wed Thu Fri Sat
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30            

Quicksearch

Archives

November 2008
October 2008
September 2008
Recent...
Older...

Categories



All categories

Syndicate This Blog

Blog Administration

Open login screen

Powered by

Serendipity PHP Weblog