[wplug] OpenSSL security vulnerability

Brian Sammon wplug-list at brisammon.fastmail.fm
Thu May 15 10:32:09 EDT 2008


> I haven't seen any discussion of this, but it's actually very important. 
> Some time ago, approximately two years, a single line was removed from the 
> Debian installation of OpenSSL.  Reading around, it looks like it was 
> removed because the line caused a problem when profiling the code with 
> Valgrind.  Unfortunately, this had the nasty side effect of reducing the 
> possible key space to 2^15 keys instead of 2^1024 possible keys.  Yeah, it 

Reference?










More information about the wplug mailing list