[Pkg-openca-users] OpenCA and security vulnerability in Debian
Maciej Szuba
maciej.szuba at gmail.com
Tue May 20 19:00:37 UTC 2008
Hello!
What should I do? I use Debian for the subca; the rootca is working on
Fedora. I generated 400 certs on the subca and distributed them to clients.
Last week I saw a message about the openssl vulnerability in Debian:
"Luciano Bello discovered that the random number generator in Debian's
openssl package is predictable. This is caused by an incorrect
Debian-specific change to the openssl package (CVE-2008-0166). As a
result, cryptographic key material may be guessable." I checked, and the
certs are affected. So I must revoke all the clients' certs and the
subca cert in the rootca. But I have a question about the CRL: where will
a client find the CRL if I revoke the subca cert (and generate a new one)?
I would like to ask the developers about a way to find a solution.
Maciej