1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News OpenSSL flaw in Debian Linux discovered

Discussion in 'Article Discussion' started by CardJoe, 14 May 2008.

  1. CardJoe

    CardJoe Freelance Journalist

    Joined:
    3 Apr 2007
    Posts:
    11,346
    Likes Received:
    316
  2. Tomm

    Tomm I also ride trials :¬)

    Joined:
    12 Apr 2004
    Posts:
    2,249
    Likes Received:
    0
    You mean Linux isn't a perfect OS sent from God?
     
  3. samkiller42

    samkiller42 For i AM Cheesecake!!

    Joined:
    25 Apr 2006
    Posts:
    6,789
    Likes Received:
    518
    hahaha. My dreams have come true, the day something wrong comes to linux, no matter how small it was.... Sorry, all childish now.

    At least in the light of this, its been sorted out relativley quickly, which is a good sign for any OS.

    Sam
     
  4. steveo_mcg

    steveo_mcg What's a Dremel?

    Joined:
    26 May 2005
    Posts:
    5,841
    Likes Received:
    80
    Seen this yesterday, meant to redo my keys last night (forgot) if any one is bored my system is wide open...
     
  5. Kode

    Kode What's a Dremel?

    Joined:
    27 Jan 2008
    Posts:
    322
    Likes Received:
    2
    johnny come latelys? Debian has been running longer than redhat, redhat was initially released in 95, debian in 93, also the good thing about open source is these problems get picked up and fixed, rather than microsofts approach that seems to be pretend they arent there
     
  6. Tomm

    Tomm I also ride trials :¬)

    Joined:
    12 Apr 2004
    Posts:
    2,249
    Likes Received:
    0
    Clearly it's not perfect, nothing in this world is. It's therefore not a surprise that there's a small bug in one small part of Linux. It was, after all, created by humans. My point was the opposite really - we shouldn't be surprised by this news and I'm certainly not pointing and laughing.

    Maybe I was too sarcastic (is there such a thing as too sarcastic?).
     
  7. Gareth Halfacree

    Gareth Halfacree WIIGII! Lover of bit-tech Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    17,085
    Likes Received:
    6,635
    I sit corrected. Article updated.
     
  8. sotu1

    sotu1 Ex-Modder

    Joined:
    24 Aug 2007
    Posts:
    2,884
    Likes Received:
    26
    you know in the simpsons when that bully dude goes 'haaha'. that's what i think! however, having said that, well done linux teams for getting onto it quickly. that is commendable
     
  9. yuusou

    yuusou Multimodder

    Joined:
    5 Nov 2006
    Posts:
    2,852
    Likes Received:
    916
    for 1 bug in linux article on bit-tech we have 500 windows bugs articles
     
  10. C-Sniper

    C-Sniper Stop Trolling this space Ądmins!

    Joined:
    17 Jun 2007
    Posts:
    3,028
    Likes Received:
    126
    Nothing is perfect but atleast linux is more perfect than windows.


    btw, slackware strawberry Cheesecake :D
     
  11. DXR_13KE

    DXR_13KE BananaModder

    Joined:
    14 Sep 2005
    Posts:
    9,139
    Likes Received:
    382
    at least it is patched faster than in windows.....
     
  12. Glider

    Glider /dev/null

    Joined:
    2 Aug 2005
    Posts:
    4,173
    Likes Received:
    21
    And the flaw isn't that big... Just a random number that could be predictable... And I could win the lottery...

    This bug is also already fixed, so it' a non-issue. I don't have the time to redo my keys right now, so al hackers, go ahead ;)
     
  13. pendragon

    pendragon I pickle they

    Joined:
    14 May 2004
    Posts:
    717
    Likes Received:
    0
    as much as I dislike the typical "smug linux user", no reason for me to point and laugh.. Linux has its own problems and quirks just like any OS out there... no big deal.. The good thing from this story is that they plugged the hole.. Kind of stinks that it's Debian..as Ubuntu is hugely popular.
     
  14. Glider

    Glider /dev/null

    Joined:
    2 Aug 2005
    Posts:
    4,173
    Likes Received:
    21
    Well, it doesn't stink at all... If you read the various Linux mailing lists, you will see security notices popping up often. But the good thing about this is that those flaws are usually fixed within days.
     
  15. IanW

    IanW Grumpy Old Git

    Joined:
    2 Aug 2003
    Posts:
    9,151
    Likes Received:
    2,653
    Exactly. This bug was squished almost immediately.
    If it was a Windows bug, it wouldn't have been patched until the first Tuesday of NEXT month at the earliest!
     
  16. WhiskeyAlpha

    WhiskeyAlpha What's a Dremel?

    Joined:
    5 May 2006
    Posts:
    838
    Likes Received:
    4
    Being the stinking linux noob that I am, what do I need to do to "rebuild my keys"?

    I just updated my ubuntu fileserver (ala Glider's superb server guide) to 8.04LTS and it fired up a warning message telling me about the security hole. Not sure if it sorts it automatically or whether I need to flex my typing skills on the command line :)
     
  17. cebla

    cebla What's a Dremel?

    Joined:
    6 Sep 2004
    Posts:
    123
    Likes Received:
    0
    If the article is correct then this bug was introduced in 2006. That means its been there for two years. I am not sure why some of you think this was fixed so much more quickly than bugs in Windows.
     
  18. Glider

    Glider /dev/null

    Joined:
    2 Aug 2005
    Posts:
    4,173
    Likes Received:
    21
    If you are using a key based authentication (like in passwordless SSH) then you need to update the keys generated by a Debian machine manually.
     
  19. steveo_mcg

    steveo_mcg What's a Dremel?

    Joined:
    26 May 2005
    Posts:
    5,841
    Likes Received:
    80
    Because as soon as it was caught it was fixed, wouldn't be the first time a large whole has been found in windows after a few years and it still takes at least a month for the fix.
     
  20. pendragon

    pendragon I pickle they

    Joined:
    14 May 2004
    Posts:
    717
    Likes Received:
    0
    uh... perhaps I missed your point.. but my point was that, as Ubuntu is massively popular (especially with newbies like myself), you'll get a larger amount of people with this flaw unpatched in their system (as opposed to say people that run a distro that isn't as popular).. which is too bad.
     
Tags: Add Tags

Share This Page