Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
(Nearly) full tickless operation in 3.10
Yes, all Debian-derived systems are also vulnerable. Debian has coordinated with Ubuntu and
other distros on the details of the bug. If they haven't already fixed it, expect the
derivatives to release updates soon.
Cryptographic weakness on Debian systems
Posted May 13, 2008 19:48 UTC (Tue) by KingKevbo (guest, #10975)
I'm not seeing any updates to SSH packages in Debian yet. (I've already applied SSH updates to
my Ubuntu desktop.) Are they still working on the packages for Debian?
Posted May 13, 2008 19:52 UTC (Tue) by nix (subscriber, #2304)
The update is to libssl, not openssh, and it's hit testing.
Posted May 14, 2008 0:42 UTC (Wed) by nix (subscriber, #2304)
Oops, sorry, there *is* an openssh update as well, in ubuntu at least.
Posted May 13, 2008 22:02 UTC (Tue) by maxb (guest, #52055)
The updated SSH packages in Ubuntu were derived from updates in Debian, but Ubuntu has
published them as a security update, whereas the Debian packages are currently sitting in
Posted May 14, 2008 0:14 UTC (Wed) by cjwatson (subscriber, #7322)
I worked on the openssh side of the update for both Debian and Ubuntu (largely on Canonical
time, but dealing with openssh in Debian as well). Unfortunately I only managed to get the
openssh update into the upload queue after the Debian system administration team locked down
SSH access in various places, which it transpired also knocked out the ability to publish
further updates for a while ... with any luck this will be sorted out soon.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds