OpenSSL vulnerability in Debian Etch and Ubuntu
A vulnerability involving predictable random numbers has been discovered in the OpenSSL packages included with Debian Etch and Ubuntu systems. This vulnerability affects all software which makes use of SSL/TLS encrypted connections, including Citadel.
Please see http://lists.debian.org/debian-security-announce/2008/msg00152.html for more detailed information.
In order to patch the OpenSSL vulnerability, issue this command:
apt-get update; apt-get upgrade
Afterwards, you should regenerate your private keys in SSL/TLS enabled applications, such as Citadel. The procedure for doing so on a Citadel installation using the Debian package is:
rm -f /etc/ssl/citadel/*
For an Easy Install system, it is:
rm -f /usr/local/citadel/keys/*
Then restart Citadel to make it generate new keys. If you are making use of certificates signed by a certificate authority, you will need to submit a new CSR to them for re-signing.
Naturally, if you are also running OpenSSH on your server, you will need to regenerate keys for that as well.
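To confirm nothing was missed after the upgrade, the following added example (not part of this advisory or of Citadel) lists key files in a directory that are older than the libssl upgrade recorded in the dpkg log. It assumes GNU coreutils (date -d, stat -c) as shipped on Debian, and the log and key directory paths are parameters; the sample log line and version string used in the comments are constructed, not real.

```shell
#!/bin/sh
# libssl_fix_time LOGFILE
#   Prints, as epoch seconds, the timestamp of the most recent
#   "status installed libssl..." entry in a dpkg log (/var/log/dpkg.log
#   on a real system). Returns 1 if no such entry exists.
#   Expected log format (constructed sample, version is a placeholder):
#     2008-05-13 10:22:33 status installed libssl0.9.8 0.9.8c-EXAMPLE
libssl_fix_time() {
    line=$(grep ' status installed libssl' "$1" | tail -n 1)
    [ -n "$line" ] || return 1
    # first two fields are the date and time; GNU date converts them
    date -d "$(echo "$line" | cut -d' ' -f1,2)" +%s
}

# stale_keys KEYDIR FIXTIME
#   Prints every regular file in KEYDIR whose modification time is earlier
#   than FIXTIME. Any file listed was generated by the unfixed OpenSSL and
#   must be removed so the application generates a fresh key on restart.
#   Works for /etc/ssl/citadel, /usr/local/citadel/keys or /etc/ssh alike.
stale_keys() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        [ "$(stat -c %Y "$f")" -lt "$2" ] && echo "$f"
    done
    return 0
}
```

Run it as `stale_keys /etc/ssl/citadel "$(libssl_fix_time /var/log/dpkg.log)"`; an empty result means every key in that directory postdates the fix.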