来源: http://www.debian.org/security/2008/dsa-1571
这一漏洞影响debian,基于它的ubuntu同样牵连. SSL/SSH密钥可被猜解
这一安全提示用户采取一些措施让基于Debian的系统免于密码猜解,官方还公布了一些缺陷密钥细节,并建议OpenSSL 0.9.8c-1之后版本的用户重算加密体系.
目前ubuntu官方源已经有openssl的更新包了,建议大家更新至 0.9.8g-4ubuntu3.1
debian和ubuntu的openssl包报出严重漏洞
- bones7456
- 帖子: 8495
- 注册时间: 2006-04-12 20:05
- 来自: 杭州
- 联系:
debian和ubuntu的openssl包报出严重漏洞
关注我的blog: ε==3
- bones7456
- 帖子: 8495
- 注册时间: 2006-04-12 20:05
- 来自: 杭州
- 联系:
- skyx
- 论坛版主
- 帖子: 9202
- 注册时间: 2006-12-23 13:46
- 来自: Azores Islands
- 联系:
- meteormatt
- 帖子: 693
- 注册时间: 2008-02-24 14:15
- 系统: Ubuntu
- 来自: 江苏
- 联系:
Re: debian和ubuntu的openssl包报出严重漏洞
我的163邮箱都收到了.而且和Tor都有关系.囧bones7456 写了:来源: http://www.debian.org/security/2008/dsa-1571
这一漏洞影响debian,基于它的ubuntu同样牵连. SSL/SSH密钥可被猜解
这一安全提示用户采取一些措施让基于Debian的系统免于密码猜解,官方还公布了一些缺陷密钥细节,并建议OpenSSL 0.9.8c-1之后版本的用户重算加密体系.
目前ubuntu官方源已经有openssl的更新包了,建议大家更新至 0.9.8g-4ubuntu3.1
SUMMARY:
This is a critical security announcement.
A bug in the Debian GNU/Linux distribution's OpenSSL package was
announced today. This bug would allow an attacker to figure out private
keys generated by these buggy versions of the OpenSSL library. Thus,
all private keys generated by affected versions of OpenSSL must be
considered to be compromised.
囗囗囗 uses OpenSSL, so 囗囗囗 users and admins need to take action in order
to remain secure in response to this problem.
If you are running Debian, Ubuntu, or any Debian-based GNU/Linux
distribution, first follow the instructions at
http://lists.debian.org/debian-security ... 00152.html
to upgrade your OpenSSL package to a safe version. If you're running a
囗囗囗 server or a 囗囗囗 hidden service, then also follow the instructions
below to replace your 囗囗囗 identity keys.
Also, if you are running 囗囗囗 0.2.0.x, you must upgrade to 囗囗囗
0.2.0.26-rc.
怀念以前的老台式机。可惜现在租的地方没条件用了。目前只能用笔记本和手机了。
- bones7456
- 帖子: 8495
- 注册时间: 2006-04-12 20:05
- 来自: 杭州
- 联系:
- skyx
- 论坛版主
- 帖子: 9202
- 注册时间: 2006-12-23 13:46
- 来自: Azores Islands
- 联系:
- caijiamx
- 帖子: 86
- 注册时间: 2008-03-28 19:20
- 联系:
-
- 帖子: 25
- 注册时间: 2008-10-18 14:11
- 联系:
Re: debian和ubuntu的openssl包报出严重漏洞
查看版本在新立德软件管理器搜索关键字即可
- hacker
- 帖子: 9
- 注册时间: 2008-10-13 22:29