On Tue, May 13, 2008 at 9:28 PM, Brian May <[EMAIL PROTECTED]> wrote: > Does this affect monotone keys? [...] > Package : openssl > Vulnerability : predictable random number generator > Problem type : remote > Debian-specific: yes > CVE Id(s) : CVE-2008-0166
Monotone does not use openssl at all, and so cannot be affected by this bug. I'm not aware of any flaws in our cryptography library (Botan)'s random number generation, and I trust the library's author to have gotten this right. zw _______________________________________________ Monotone-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/monotone-devel
