1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News OpenSSL flaw in Debian Linux discovered

Discussion in 'Article Discussion' started by CardJoe, 14 May 2008.

  1. CardJoe

    CardJoe Freelance Journalist

    Joined:
    3 Apr 2007
    Posts:
    11,343
    Likes Received:
    292
  2. Tomm

    Tomm I also ride trials :¬)

    Joined:
    12 Apr 2004
    Posts:
    2,249
    Likes Received:
    0
    You mean Linux isn't a perfect OS sent from God?
     
  3. samkiller42

    samkiller42 For i AM Cheesecake!!

    Joined:
    25 Apr 2006
    Posts:
    6,495
    Likes Received:
    148
    hahaha. My dreams have come true, the day something wrong comes to linux, no matter how small it was.... Sorry, all childish now.

    At least in the light of this, its been sorted out relativley quickly, which is a good sign for any OS.

    Sam
     
  4. steveo_mcg

    steveo_mcg New Member

    Joined:
    26 May 2005
    Posts:
    5,841
    Likes Received:
    80
    Seen this yesterday, meant to redo my keys last night (forgot) if any one is bored my system is wide open...
     
  5. Kode

    Kode New Member

    Joined:
    27 Jan 2008
    Posts:
    322
    Likes Received:
    2
    johnny come latelys? Debian has been running longer than redhat, redhat was initially released in 95, debian in 93, also the good thing about open source is these problems get picked up and fixed, rather than microsofts approach that seems to be pretend they arent there
     
  6. Tomm

    Tomm I also ride trials :¬)

    Joined:
    12 Apr 2004
    Posts:
    2,249
    Likes Received:
    0
    Clearly it's not perfect, nothing in this world is. It's therefore not a surprise that there's a small bug in one small part of Linux. It was, after all, created by humans. My point was the opposite really - we shouldn't be surprised by this news and I'm certainly not pointing and laughing.

    Maybe I was too sarcastic (is there such a thing as too sarcastic?).
     
  7. Gareth Halfacree

    Gareth Halfacree WIIGII! Staff Administrator Super Moderator Moderator

    Joined:
    4 Dec 2007
    Posts:
    13,359
    Likes Received:
    2,404
    I sit corrected. Article updated.
     
  8. sotu1

    sotu1 Ex-Modder

    Joined:
    24 Aug 2007
    Posts:
    2,877
    Likes Received:
    26
    you know in the simpsons when that bully dude goes 'haaha'. that's what i think! however, having said that, well done linux teams for getting onto it quickly. that is commendable
     
  9. yuusou

    yuusou Well-Known Member

    Joined:
    5 Nov 2006
    Posts:
    2,204
    Likes Received:
    372
    for 1 bug in linux article on bit-tech we have 500 windows bugs articles
     
  10. C-Sniper

    C-Sniper Stop Trolling this space Ądmins!

    Joined:
    17 Jun 2007
    Posts:
    3,028
    Likes Received:
    126
    Nothing is perfect but atleast linux is more perfect than windows.


    btw, slackware strawberry Cheesecake :D
     
  11. DXR_13KE

    DXR_13KE BananaModder

    Joined:
    14 Sep 2005
    Posts:
    9,122
    Likes Received:
    367
    at least it is patched faster than in windows.....
     
  12. Glider

    Glider /dev/null

    Joined:
    2 Aug 2005
    Posts:
    4,173
    Likes Received:
    21
    And the flaw isn't that big... Just a random number that could be predictable... And I could win the lottery...

    This bug is also already fixed, so it' a non-issue. I don't have the time to redo my keys right now, so al hackers, go ahead ;)
     
  13. pendragon

    pendragon I pickle they

    Joined:
    14 May 2004
    Posts:
    717
    Likes Received:
    0
    as much as I dislike the typical "smug linux user", no reason for me to point and laugh.. Linux has its own problems and quirks just like any OS out there... no big deal.. The good thing from this story is that they plugged the hole.. Kind of stinks that it's Debian..as Ubuntu is hugely popular.
     
  14. Glider

    Glider /dev/null

    Joined:
    2 Aug 2005
    Posts:
    4,173
    Likes Received:
    21
    Well, it doesn't stink at all... If you read the various Linux mailing lists, you will see security notices popping up often. But the good thing about this is that those flaws are usually fixed within days.
     
  15. IanW

    IanW Grumpy Old Git

    Joined:
    2 Aug 2003
    Posts:
    6,870
    Likes Received:
    610
    Exactly. This bug was squished almost immediately.
    If it was a Windows bug, it wouldn't have been patched until the first Tuesday of NEXT month at the earliest!
     
  16. WhiskeyAlpha

    WhiskeyAlpha New Member

    Joined:
    5 May 2006
    Posts:
    838
    Likes Received:
    4
    Being the stinking linux noob that I am, what do I need to do to "rebuild my keys"?

    I just updated my ubuntu fileserver (ala Glider's superb server guide) to 8.04LTS and it fired up a warning message telling me about the security hole. Not sure if it sorts it automatically or whether I need to flex my typing skills on the command line :)
     
  17. cebla

    cebla New Member

    Joined:
    6 Sep 2004
    Posts:
    123
    Likes Received:
    0
    If the article is correct then this bug was introduced in 2006. That means its been there for two years. I am not sure why some of you think this was fixed so much more quickly than bugs in Windows.
     
  18. Glider

    Glider /dev/null

    Joined:
    2 Aug 2005
    Posts:
    4,173
    Likes Received:
    21
    If you are using a key based authentication (like in passwordless SSH) then you need to update the keys generated by a Debian machine manually.
     
  19. steveo_mcg

    steveo_mcg New Member

    Joined:
    26 May 2005
    Posts:
    5,841
    Likes Received:
    80
    Because as soon as it was caught it was fixed, wouldn't be the first time a large whole has been found in windows after a few years and it still takes at least a month for the fix.
     
  20. pendragon

    pendragon I pickle they

    Joined:
    14 May 2004
    Posts:
    717
    Likes Received:
    0
    uh... perhaps I missed your point.. but my point was that, as Ubuntu is massively popular (especially with newbies like myself), you'll get a larger amount of people with this flaw unpatched in their system (as opposed to say people that run a distro that isn't as popular).. which is too bad.
     
Tags: Add Tags

Share This Page