mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-12-11 05:03:34 +01:00
17 lines
697 B
Plaintext
17 lines
697 B
Plaintext
|
tor (0.2.0.26-rc-1) experimental; urgency=critical
|
||
|
|
||
|
* weak cryptographic keys
|
||
|
|
||
|
It has been discovered that the random number generator in Debian's
|
||
|
openssl package is predictable. This is caused by an incorrect
|
||
|
Debian-specific change to the openssl package (CVE-2008-0166). As a
|
||
|
result, cryptographic key material may be guessable.
|
||
|
|
||
|
See Debian Security Advisory number 1571 (DSA-1571) for more information:
|
||
|
http://lists.debian.org/debian-security-announce/2008/msg00152.html
|
||
|
|
||
|
If you run a Tor server using this package please see
|
||
|
/var/lib/tor/keys/moved-away-by-tor-package/README.REALLY
|
||
|
|
||
|
-- Peter Palfrader <weasel@debian.org> Tue, 13 May 2008 12:49:05 +0200
|