Bug 446790 - RNG in some Debians are predictable (affects CSRs)
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Dogtag Certificate System
Classification: Retired
Component: CA
Version: unspecified
Hardware: All
OS: Linux
low
high
Target Milestone: ---
Assignee: Christina Fu
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2008-05-16 01:15 UTC by Bob Lord
Modified: 2015-01-04 23:32 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-01-15 19:42:50 UTC
Embargoed:



Description Bob Lord 2008-05-16 01:15:53 UTC
Description of problem:
The random number generator in Debian’s openssl package is predictable. This is
caused by an incorrect Debian-specific change to the openssl package
(CVE-2008-0166). As a result, cryptographic key material may be guessable.

More links:
http://blog.cacert.org/2008/05/302.html
http://blog.cacert.org/2008/05/300.html
http://wiki.debian.org/SSLkeys

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

CAcert is currently implementing a global Hash-Server: 
http://wiki.cacert.org/wiki/HashServer
http://hashserver.cacert.org/
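
An added example, not part of the original report and not Dogtag or CAcert code: one way a CA could screen an incoming CSR by fingerprinting its public key and looking it up in a list of known-weak keys. The SHA-256-over-SubjectPublicKeyInfo fingerprint, the function names and the blocklist are assumptions for illustration (this is not the Debian blacklist format or the HashServer protocol), and the sample CSRs are constructed toy DER with placeholder moduli and empty signatures.

```python
import hashlib

def read_tlv(buf, pos):
    """Parse one DER TLV at pos; return (tag, value_start, value_end)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def csr_spki(der):
    """Return the DER SubjectPublicKeyInfo embedded in a PKCS#10 CSR."""
    tag, pos, _ = read_tlv(der, 0)          # CertificationRequest SEQUENCE
    tag2, pos, _ = read_tlv(der, pos)       # CertificationRequestInfo SEQUENCE
    _, _, pos = read_tlv(der, pos)          # version INTEGER (skipped)
    _, _, pos = read_tlv(der, pos)          # subject Name (skipped)
    tag3, _, end = read_tlv(der, pos)       # subjectPKInfo SEQUENCE
    if (tag, tag2, tag3) != (0x30, 0x30, 0x30):
        raise ValueError("not a PKCS#10 request")
    return der[pos:end]

def screen_csr(der, blocklist):
    """Return (fingerprint, rejected): SHA-256 of the SPKI and whether it is listed."""
    fp = hashlib.sha256(csr_spki(der)).hexdigest()
    return fp, fp in blocklist

# --- constructed sample data: toy DER with the CSR layout, not real keys ---
def tlv(tag, body):
    n = len(body)
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    head = bytes([n]) if n < 0x80 else bytes([0x80 | len(size)]) + size
    return bytes([tag]) + head + body

def make_csr(modulus):
    alg = tlv(0x30, bytes.fromhex("06092a864886f70d0101010500"))   # rsaEncryption, NULL
    key = tlv(0x30, tlv(0x02, modulus) + tlv(0x02, b"\x01\x00\x01"))
    spki = tlv(0x30, alg + tlv(0x03, b"\x00" + key))
    info = tlv(0x30, tlv(0x02, b"\x00") + tlv(0x30, b"") + spki + tlv(0xA0, b""))
    return tlv(0x30, info + tlv(0x30, b"") + tlv(0x03, b"\x00"))   # empty sigAlg/signature

WEAK_CSR = make_csr(b"\x00" + bytes([0xC3]) * 128)    # stands in for a known-weak key
FRESH_CSR = make_csr(b"\x00" + bytes([0xA7]) * 128)   # stands in for a key not on the list
BLOCKLIST = {hashlib.sha256(csr_spki(WEAK_CSR)).hexdigest()}
```

The fingerprint covers only the public key, so a listed key is caught regardless of the subject name or attributes in the request.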

