Bug 852964 - openssh-blacklist is broken and doesn't do anything useful at all
openssh-blacklist is broken and doesn't do anything useful at all
Product: Fedora
Classification: Fedora
Component: openssh-blacklist (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Petr Lautrbach
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2012-08-30 02:12 EDT by Kurt Seifried
Modified: 2012-09-14 12:11 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2012-09-14 12:11:28 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Kurt Seifried 2012-08-30 02:12:25 EDT
Description of problem:

openssh-blacklist is the "Downloader of the openssh keys affected by CVE-2008-0166" (the Debian OpenSSL key generation issue). It no longer works as the site it tries to download from is 

The url in rpm -qpi:


is server not found. 

The server URL listed for the actual download:


is 403 forbidden.

This program no longer works at all, it should probably be removed from Fedora.
Comment 1 Petr Lautrbach 2012-09-07 10:40:00 EDT
You're right, I've retired openssh-blacklist package from all current Fedora releases and filled rel-eng ticket [1].

Thanks for the report.

[1] https://fedorahosted.org/rel-eng/ticket/5325

Note You need to log in before you can comment on or make changes to this bug.