-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/06/2014 02:55 PM, Jeremy T. Bouse wrote: > On 05/06/2014 05:08 AM, Kristian Fiskerstrand wrote: >> Dear lists, >> >> Following the release of SKS 1.1.5[0] the following changes will >> be made to the pools of sks-keyservers.net >> >> subset.pool.sks-keyservers.net has been set to a minimum >> requirement of SKS 1.1.5 with immediate effect. >> >> Due to CVE-2014-3207[1] I want to bump >> hkps.pool.sks-keyservers.net to a requirement of 1.1.5 as this >> can potentially be in another security context / zone, however >> I'm giving this a grace period of (at least) 45-60 days to allow >> server administrators to upgrade their servers.
In recognition of package-maintainers backporting the security fixes to older versions of SKS for stable systems I'm revising the latter statement a bit. I have now implemented a test for affected servers instead of relying on the version information. This is currently active, and non-patched servers in the HKPS pool should now show up with an orange flag for the HKPS column. - -- - ---------------------------- Kristian Fiskerstrand Blog: http://blog.sumptuouscapital.com Twitter: @krifisk - ---------------------------- Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 - ---------------------------- Nomina stultorum scribuntur ubique locorum Fools have the habit of writing their names everywhere -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJTb+DmAAoJEPw7F94F4TagQXsQAJi/479jLOtlKsihAohC5XcR RQoA6UDhcinCKvIGg5zzMcGd6aY9z2O+yDrGj5AX3k6j5ijEf0uU6Ia+tEj8OeVF j7VpDwdjtT3r78cipRLcvKEPBSHRTtSJ8qQQW7fLG56u8GiRu6ycR+fG/Q1w8o3A wJgvnCjLXnUWDuSLHN31uUQzyoYtACb06oUIGBpZ/gMMImiRSphBsNO7duxH+D3z oqLxgzO/YEj3iyLy6QmE/csC22Ty1dB+ppfC7dTU5LjKbxI0Z8qLw1+/SPWRgPG6 xMgerJLkYPVq99JtRFP7I58o3fEIWJaNAP/1rRgycIzwElDdOezh/VZwVpmLtTXq ha2TefFm2D6h8rdCId5gVbGkpy8GN7FnN5DUqJ3GmdMuev22vzCSpWA7S5B9Xcyk RAFiHvDag0RJC63SMyefOucoOk50wDdJ06pUByMQx5x4j5uCb6XEwozk1jST9uP2 MgWYXaaAv6ftt8Jk8C67f13Uvdbhap2V6pePuDGocLXrTDJr/R9afNEYW6UmaXiN BeRO3OsU55lO5GRUIutf6+RY3Q83EAKa7zO78HEkedebjAJxTEZ5EwxBj+toFwxs IQTre3Ec5y2UY8jlFdLmsTCuT5P8YnQqMjhiWLvrSsgtEno4jt9TbfCxpIfNzlIP 0jpO1kt1GcRn1Z6JUzH5 =TKch -----END PGP SIGNATURE----- _______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel