On Tue, 13 May 2008, Hugo Mills wrote:
> On Tue, May 13, 2008 at 01:34:04PM +0100, Hugo Mills wrote:
>> This is kind of related to my talk on Saturday, but is important in
>> its own right:
>>
>> http://lists.debian.org/debian-security-announce/2008/msg00152.html
[SNIP]
> Sorry, forgot to mention -- this affects SSH, OpenVPN, DNSSEC and
> all X.509 certificates and sessions. It doesn't affect GPG keys,
> fortunately.
Quoting from the link above "This is a Debian-specific vulnerability which
does not affect other operating systems which are not based on Debian."
I assume this means that Ubuntu, Mepis and other Debian derivatives also
suffer the same issue? If so I hope they will be pushing through security
updates ASAP...
Andy
