An OpenSSL key vulnerability for Debian 4.0 and Debian-based Linux distributions was published on May 13th, 2008. This vulnerability has the potential to affect any systems which trust keys generated by Debian 4.0 and its derivative operating systems.

Please see the Debian and Debian-based Distribution Security Notice posted on the VPSLink forums and the SSL Keys entry at the Debian Wiki for more information regarding this vulnerability and recommended actions to address the potential security issues which may result from weak SSL keys.

Digg It! Bookmarks Stumble It! Google Bookmarks