Red Hat Bugzilla – Bug 852964
openssh-blacklist is broken and doesn't do anything useful at all
Last modified: 2012-09-14 12:11:28 EDT
Description of problem:
openssh-blacklist is the "Downloader of the openssh keys affected by CVE-2008-0166" (the Debian OpenSSL key generation issue). It no longer works as the site it tries to download from is
The url in rpm -qpi:
is server not found.
The server URL listed for the actual download:
is 403 forbidden.
This program no longer works at all, it should probably be removed from Fedora.
You're right, I've retired openssh-blacklist package from all current Fedora releases and filled rel-eng ticket .
Thanks for the report.