852964 – openssh-blacklist is broken and doesn't do anything useful at all

Bug 852964 - openssh-blacklist is broken and doesn't do anything useful at all

Summary: openssh-blacklist is broken and doesn't do anything useful at all

Keywords:
Status:	CLOSED NEXTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	openssh-blacklist
Sub Component:
Version:	17
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Petr Lautrbach
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-08-30 06:12 UTC by Kurt Seifried
Modified:	2012-09-14 16:11 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-09-14 16:11:28 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Kurt Seifried 2012-08-30 06:12:25 UTC

Description of problem:

openssh-blacklist is the "Downloader of the openssh keys affected by CVE-2008-0166" (the Debian OpenSSL key generation issue). It no longer works as the site it tries to download from is 

The url in rpm -qpi:

http://www.benhur.prf.cuni.cz/medved-7/wydobitki/?path=openssh-blacklist

is server not found. 

The server URL listed for the actual download:

http://jfch2222.fedorapeople.org/openssh-blacklist/

is 403 forbidden.

This program no longer works at all, it should probably be removed from Fedora.

Comment 1 Petr Lautrbach 2012-09-07 14:40:00 UTC

You're right, I've retired openssh-blacklist package from all current Fedora releases and filled rel-eng ticket [1].

Thanks for the report.

[1] https://fedorahosted.org/rel-eng/ticket/5325

Note You need to log in before you can comment on or make changes to this bug.