Re: [vserver] OpenSSL: various distributions on debian hosts affected or not?:
 vserver development mailing list 
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]

Re: [vserver] OpenSSL: various distributions on debian hosts affected or not?

From: Daniel Hokka Zakrisson <daniel_at_hozac.com>
Date: Thu 15 May 2008 - 22:52:09 BST
Message-ID: <33000.192.168.102.6.1210888329.squirrel@intranet>

Guenther Fuchs wrote:
> Hi there,
>
> today various forms of announcements made the vulnerability of debian
> openssl packages public, messages sounded like this:
>
> --- snip ---
> A severe vulnerability was found in the random number generator (RNG)
> of the Debian OpenSSL package, starting with version 0.9.8c-1 (and
> similar packages in derived distributions such as Ubuntu). ...
> --- snap ---
>
> My question to that is: Is it possible, that guests using different
> distributions (example Fedora or RedHat) on Debian hosts are affected
> by that?

As long as you haven't used your guests' DSA keys from the host, you
should be safe. (From what I understand, anyway. I haven't read any of the
advisories too carefeully.)

> I would guess no as there are different libraries used inside, but I'm
> not too far into that technical things ;-)
>
> --
> regards 'n greez,
>
> Guenther Fuchs
> (aka "muh" and "powerfox") 

-- 
Daniel Hokka Zakrisson
Received on Thu May 15 22:52:23 2008
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 15 May 2008 - 22:52:26 BST by hypermail 2.1.8