[plug] Debian / Ubuntu SSL Security Vulnerability

Ian Ball ian at iball.id.au
Tue May 27 17:12:21 WST 2008


I haven't seen this particular issue raised here yet, but there has been a
major security issue with SSL found recently.  Basically, a bug in the SSL
code has gone un-noticed, and caused encryption keys to be shorter than
they should be.  This leaves systems vulnerable to attack...

There is more information available at:

It is well worth applying the latest patches to your systems :)
Also, all SSL keys will need to be re-generated to get around the

This will affect you if you are running any secure applications, such as
https or ssh.  Also, other apps like postfix may be affected.

Have Fun !

--Ian Ball
e| ian at iball.id.au
h| http://iball.id.au

More information about the plug mailing list