|
| From: | Brian May |
| Subject: | Re: [Monotone-devel] [Fwd: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator] |
| Date: | Thu, 15 May 2008 12:54:49 +1000 |
| User-agent: | Icedove 1.5.0.14eol (X11/20080509) |
Zack Weinberg wrote:
Monotone does not use openssl at all, and so cannot be affected by this bug.
Oops. My mistake. I thought it did.
Yes. This security issue here is very specific to openssl running on Debian/Ubuntu.I'm not aware of any flaws in our cryptography library (Botan)'s random number generation, and I trust the library's author to have gotten this right.
Brian May
| [Prev in Thread] | Current Thread | [Next in Thread] |