Bug 852964 - openssh-blacklist is broken and doesn't do anything useful at all
openssh-blacklist is broken and doesn't do anything useful at all
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: openssh-blacklist (Show other bugs)
17
All Linux
medium Severity medium
: ---
: ---
Assigned To: Petr Lautrbach
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-08-30 02:12 EDT by Kurt Seifried
Modified: 2012-09-14 12:11 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-09-14 12:11:28 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Kurt Seifried 2012-08-30 02:12:25 EDT
Description of problem:

openssh-blacklist is the "Downloader of the openssh keys affected by CVE-2008-0166" (the Debian OpenSSL key generation issue). It no longer works as the site it tries to download from is 

The url in rpm -qpi:

http://www.benhur.prf.cuni.cz/medved-7/wydobitki/?path=openssh-blacklist

is server not found. 

The server URL listed for the actual download:

http://jfch2222.fedorapeople.org/openssh-blacklist/

is 403 forbidden.

This program no longer works at all, it should probably be removed from Fedora.
Comment 1 Petr Lautrbach 2012-09-07 10:40:00 EDT
You're right, I've retired openssh-blacklist package from all current Fedora releases and filled rel-eng ticket [1].

Thanks for the report.

[1] https://fedorahosted.org/rel-eng/ticket/5325

Note You need to log in before you can comment on or make changes to this bug.