Ubuntu
openssl package

CVE-2008-0166: predictable random number generator

Bug #229951 reported by Colin Leroy-Mira on 2008-05-13

264

Affects		Status	Importance	Assigned to	Milestone
	openssl (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

See http://lists.debian.org/debian-security-announce/2008/msg00152.html.

From what I've found out, keys generated with the openssl package in Edgy, Feisty, Gutsy and Hardy are impacted by that problem. Keys generated with Dapper's openssl are OK.

CVE References

2008-0166

Revision history for this message

Kees Cook (kees) wrote on 2008-05-13:

Fixes are being published currently.

Changed in openssl:
status:	New → Fix Committed

Revision history for this message

Colin Leroy-Mira (colin-colino) wrote on 2008-05-13:

Thanks!

Revision history for this message

Kees Cook (kees) wrote on 2008-05-13:

http://www.ubuntu.com/usn/usn-612-1

Changed in openssl:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicates of this bug

Bug #229964

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuopenssl package

CVE-2008-0166: predictable random number generator

Bug Description

CVE References

Duplicates of this bug

Other bug subscribers

Remote bug watches

Ubuntu
openssl package