OpenSSL vulnerability in Debian Etch and Ubuntu

A vulnerability involving predictable random numbers has been discovered in the OpenSSL packages included with Debian Etch and Ubuntu systems. This vulnerability affects all software which makes use of SSL/TLS encrypted connections, including Citadel.

Please see for more detailed information.

In order to patch the OpenSSL vulnerability, issue this command:

apt-get update; apt-get upgrade

Afterwards, you should regenerate your private keys in SSL/TLS-enabled applications, such as Citadel. The procedure for doing so on a Citadel installation using the Debian package is:

rm -f /etc/ssl/citadel/*

For an Easy Install system, it is:

rm -f /usr/local/citadel/keys/*

Then restart Citadel to make it generate new keys. If you are making use of certificates signed by a certificate authority, you will need to submit a new CSR to them for re-signing.

Naturally, if you are also running OpenSSH on your server, you will need to regenerate keys for that as well.
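
Keys are only trustworthy if they were generated after the patched OpenSSL was installed, so it is worth confirming that the key files really were recreated once Citadel restarted. The following script is an added example, not part of the original advisory or of Citadel itself; the function names and the marker file (a file you create right after the upgrade finishes) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: confirm that key files were regenerated after the OpenSSL fix.
# Assumption: MARKER is a file created right after the upgrade finished,
# for example:  touch /root/openssl-patched   (hypothetical path)

# key_status MARKER DIR
# Prints one word describing the files in DIR relative to MARKER:
#   absent - DIR does not exist (that install type is not in use)
#   empty  - keys were deleted but Citadel has not regenerated them yet
#   stale  - at least one file is not newer than MARKER (predates the fix)
#   fresh  - every file is newer than MARKER
key_status() {
    marker=$1
    dir=$2
    [ -e "$marker" ] || { echo "no marker file: $marker" >&2; return 2; }
    [ -d "$dir" ] || { echo absent; return 0; }
    if [ -z "$(find "$dir" -type f -print)" ]; then
        echo empty
    elif [ -n "$(find "$dir" -type f ! -newer "$marker" -print)" ]; then
        # "! -newer" matches files modified at or before the marker
        echo stale
    else
        echo fresh
    fi
}

# check_citadel_keys MARKER
# Reports on both key directories named in the procedure above.
# Returns 0 if nothing needs attention, 1 if a directory is stale or empty,
# 2 if MARKER is missing.
check_citadel_keys() {
    rc=0
    for d in /etc/ssl/citadel /usr/local/citadel/keys; do
        st=$(key_status "$1" "$d") || return 2
        echo "$d: $st"
        case $st in
            stale|empty) rc=1 ;;
        esac
    done
    return $rc
}

# Usage, run as root after restarting Citadel:
#   check_citadel_keys /root/openssl-patched
```

A "fresh" result only shows that the files were rewritten after the marker; certificates signed by a certificate authority still need the new CSR described above.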