[Pkg-cups-devel] Bug#481426: marked as done (cupsys: SSL Certs Insecure (DSA-1571))
Kenshi Muto
kmuto at debian.org
Fri May 16 01:02:51 UTC 2008
At Thu, 15 May 2008 21:13:06 -0300,
Henrique de Moraes Holschuh wrote:
> On Thu, 15 May 2008, Debian Bug Tracking System wrote:
> > Debian's CUPS has used GNUTLS instead of OpenSSL by default.
>
> That doesn't make any difference if the certificate it is using was
> generated by openssl. Is that certificate under the local admin
> control? If it is, cupsys can also be affected.
Yes, admins can replace the key by themselves with their responsibility
(but I haven't tried it).
Because SSLkeys Wiki page focuses the weak keys made by Debian official
packages at this time, I don't think it is valuable to describe about CUPS
there.
Thanks,
--
Kenshi Muto
kmuto at debian.org
More information about the Pkg-cups-devel
mailing list