Finnix

Blog Post

Article posted on Jun 2

Finnix and Debian's OpenSSL Vulnerability

  • Posted by Ryan Finnie on June 2, 2008, 1:05 am

All versions of Finnix from 89.0 to 91.1 (inclusive) contain the Debian OpenSSL predictable RNG vulnerability. The fix will be included with the next scheduled (approximately quarterly) release of Finnix in the next few weeks. In the meantime, if you use any OpenSSL-related programs (openssl itself, ssh, openvpn, etc) on Finnix, be sure to do the following as soon as you boot Finnix:

apt-get update && apt-get install libssl0.9.8

Finnix does not include any pre-generated keys, but any keys generated on Finnix with a vulnerable OpenSSL will be vulnerable.

  • Leave Comment
  • Posted in Finnix

Leave a Reply

Click here to cancel reply.

If you have an OpenID, you may fill it in here. If your OpenID provider provides a name and email, those values will be used instead of the values here. Learn more about OpenID or find an OpenID provider.

« Finnix 91.1 Released
Finnix 92.0 coming soon »

Finnix

  • Wiki
  • Blog
  • Snapshots

Finnix on Identi.ca

  • zinayfuzz: RT @fo0bar !Finnix 108 released! http://ur1.ca/dsds4 External link
  • fo0bar: !Finnix 108 released! http://ur1.ca/dsds4 External link Geotagged
  • neustradamus: !Finnix 108 has been released ( !Debian ) http://www.finnix.org/ External link
  • zinayfuzz: RT @fo0bar !Finnix 107 released! http://ur1.ca/c9oqp External link
  • fo0bar: !Finnix 107 released! http://ur1.ca/c9oqp External link Geotagged

Categories

  • Announcements (33)
  • Development (35)
  • Finnix (106)
  • Miscellany (24)

Archives

  • May 2013 (2)
  • December 2012 (1)
  • November 2012 (1)
  • October 2012 (1)
  • July 2012 (1)
  • April 2012 (1)
  • March 2012 (2)
  • February 2012 (2)
  • January 2012 (1)
  • December 2011 (1)
  • October 2011 (2)
  • September 2011 (1)

Recent Comments

  • Ryan Finnie: Package lists are available in the release notes.
  • Ben in Seattle: This seems like a very neat distribution, but I’m having a devil of a time figuring out what...
  • Ryan Finnie: It is installed, it’s just at /usr/games/robotfindskitten, which is not in root’s path.
  • robotfindskitten enjoyer: robotfindskitten does not appear to be installed by default in Finnix 106. This is a great...
  • Steve Nordquist: I would have HFS+ with i18n filenames available for available console charsets (Chinese...

Search

Meta

  • Log in
Powered by WordPress.