Blog Post
Article posted on Jun 2
Finnix and Debian’s OpenSSL Vulnerability
- Posted by Ryan Finnie on June 2, 2008, 1:05 am
All versions of Finnix from 89.0 to 91.1 (inclusive) contain the Debian OpenSSL predictable RNG vulnerability. The fix will be included with the next scheduled (approximately quarterly) release of Finnix in the next few weeks. In the meantime, if you use any OpenSSL-related programs (openssl itself, ssh, openvpn, etc) on Finnix, be sure to do the following as soon as you boot Finnix:
apt-get update && apt-get install libssl0.9.8
Finnix does not include any pre-generated keys, but any keys generated on Finnix with a vulnerable OpenSSL will be vulnerable.
- Leave Comment
- Posted in Finnix
Finnix
Categories
Archives
Recent Comments
- Ubik!: I just want to take opportunity to thank the Finnix team for a great linux distro
I was so happy to find... - Steve: I tried to make a bootable DVD using mkisofs using the isolinux.bin file in the v93 iso download and it would...
- Rony: I find Finnix extremely useful when servicing Windows as well as Linux machines, especially for taking backups...
- bubo: hehe, the CRAY really is is cracking me up…funny stuff and a nice office by the way . thanks for...
- Ryan Finnie: Rodney, the package lists are in the release notes, 3rd bullet point at the top....