[wplug] OpenSSL security vulnerability
Brian Sammon
wplug-list at brisammon.fastmail.fm
Thu May 15 10:32:09 EDT 2008
> I haven't seen any discussion of this, but it's actually very important.
> Some time ago, approximately two years, a single line was removed from the
> Debian installation of OpenSSL. Reading around, it looks like it was
> removed because the line caused a problem when profiling the code with
> Valgrind. Unfortunately, this had the nasty side effect of reducing the
> possible key space to 2^15 keys instead of 2^1024 possible keys. Yeah, it
Reference?
More information about the wplug
mailing list