[Pkg-openssl-devel] Plans to deploy openssl-blacklist in Debian? (was: Re: ssh-vulnkey and authorized_keys)
Kees Cook
kees at canonical.com
Wed May 21 10:48:54 UTC 2008
Hi,
On Wed, May 21, 2008 at 12:33:48PM +0200, Alberto Gonzalez Iniesta wrote:
> On Wed, May 21, 2008 at 06:31:01AM -0400, Jamie Strandboge wrote:
> > On Fri, 16 May 2008, Jamie Strandboge wrote:
> >
> > > I am going to be releasing an updated openssl-blacklist which will allow
> > > openssl-vulnkey to scan x509 certificates in addition to the current rsa
> > > private key files. It will also have the completed bigendian 32bit
> > > blacklist (due to time constraints, it now only has half of be32). I will be
> > > travelling tomorrow and Sunday and will likely not be able to get it out
> > > until Monday though.
> > >
> > This has now been published in Ubuntu Intrepid (the development branch) [1].
> > I believe Kees will handle uploading to Debian.
> >
> > Jamie
> >
> > [1] https://launchpad.net/ubuntu/intrepid/+source/openssl-blacklist/0.2
> >
>
> Great, thanks Jamie. Kees, can you ping us when the packages hit NEW so
> I can warn Joerg and upload OpenVPN?
Yeah, I'll get it up now. I just need to make sure I'm not stepping on
toes. Christoph, I'm adding you to the Uploaders in the case you
need to hijack the package. :) Since getting this in is blocking
openvpn, I'd like to just give it a shove sooner than later.
--
Kees Cook
More information about the Pkg-openssl-devel
mailing list