As some of you have probably been made aware of somehow by now, the Debian openssl package introduced an incorrect change in version 0.9.8c-1, available since September 2007 and distributed with the current stable release "etch", which resulted in the output of the random number generator being predictable, as per CVE-2008-0166.
That directly affects openssh, and any key generated on Debian or Debian-derived systems from then until the recent security updates (on Debian, versions 0.9.8c-4etch3 or 0.9.8g-9) is deemed potentially compromised. It should be obvious from the start that we are exposed to risk by the number of developers we have that use Debian or Ubuntu systems, and we have run individual tests to reach the conclusion that we do, indeed, have this kind of key installed on the GNOME servers. Hence, I regret to inform that key authentication to GNOME machines has been disabled some minutes ago for safety. We will be working into putting mechanisms into place that allow for blacklisting upon authentication, so that the insecure keys are selectively disabled and we can resume normal operation as soon as possible. It is worth noting, however, that, for all we currently know, not all cases can be detected by the algorithms we have, which would make it insufficient to just remove the keys we know to be broken or blacklist them. Therefore, it is EXTREMELY important that, if you think your key has been generated in a system affected by this bug at the time, you have your system updated, regenerate your SSH keys and get them replaced by mailing [EMAIL PROTECTED] The Infrastructure Team may see a need to go a bit further than I have described in due course, but new announcements will be sent out if that is the case. We are sorry for the inconvenience, and hope not to have to disturb development for long or delay the next tarballs due date. Yours, -- Guilherme de S. Pastore The GNOME Sysadmin Team -- devel-announce-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/devel-announce-list
