[CentOS] Re: [CentOS-announce] Impact of the Debian OpenSSL vulnerability

Sun May 18 08:06:07 UTC 2008
Les Bell <lesbell at lesbell.com.au>

Ralph Angenendt <ra+centos at br-online.de> wrote:

I don't think the OpenSSH devels really do care about that - there is no
discussion whatsoever on the secureshell list or on the devel list.

No idea about our upstream, but I don't think so either.

Correct: all that needs to be said was said years ago, by Dr. Robert E.
Coveyou, of Oak Ridge National Laboratory (now NIST):

"The generation of random numbers is to important to be left to chance".


--- Les Bell, RHCE, CISSP
Tel: +61 2 9451 1144
FreeWorldDialup: 800909