tor.NEWS 697 B

12345678910111213141516
  1. tor (0.2.0.26-rc-1) experimental; urgency=critical
  2. * weak cryptographic keys
  3. It has been discovered that the random number generator in Debian's
  4. openssl package is predictable. This is caused by an incorrect
  5. Debian-specific change to the openssl package (CVE-2008-0166). As a
  6. result, cryptographic key material may be guessable.
  7. See Debian Security Advisory number 1571 (DSA-1571) for more information:
  8. http://lists.debian.org/debian-security-announce/2008/msg00152.html
  9. If you run a Tor server using this package please see
  10. /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY
  11. -- Peter Palfrader <weasel@debian.org> Tue, 13 May 2008 12:49:05 +0200