[Openswan dev] Openswan and Debian OpenSSL vulnerability
Paul Wouters
paul at xelerance.com
Sun May 18 19:15:11 EDT 2008
On Sun, 18 May 2008, D. Hugh Redelmeier wrote:
> According to this page, http://wiki.debian.org/SSLkeys, both Openswan and
> StrongSWAN are vulnerable to the Debian OpenSSL vulnerability.
Only X.509 keys generated using openssl on Debian. Raw RSA host keys
generated on debian systems by Openswan are fine. Openswan does not
use openssl code anywhere (except openswan 3.x uses some, but not for
generating long term keys).
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Dev
mailing list