Re: Debian libssl security (Cause???)

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Ross Cameron

Subject: Re: Debian libssl security (Cause???)

Date: Friday, May 16, 2008 - 5:30 am

Mmmmmmm this isn't the first time I've heard of bogus reports from Valgrind.
How does one politely inform the Debian project to not trust it explicitly
and to human audit anything it flags?

On Fri, May 16, 2008 at 1:41 PM, Otto Moerbeek <otto@drijf.net> wrote:

quoted text> On Fri, May 16, 2008 at 01:31:54PM +0200, Ross Cameron wrote:
>
> > Anyone got any thoughts on what the Debian project has been doing to
> OpenSSL
> > to have caused this in the first place?
>
> yes, read the stuff posted earlier, it contains all relevant links. To
> summarize, to silence a bogus valgrind warning, almost all seeding of
> the PRNG used by openssl was removed.
>
>        -Otto

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Debian libssl security (Cause???), Ross Cameron, (Fri May 16, 4:31 am)

Re: Debian libssl security (Cause???), Otto Moerbeek, (Fri May 16, 4:41 am)

Re: Debian libssl security (Cause???), Ross Cameron, (Fri May 16, 5:30 am)

Re: Debian libssl security (Cause???), Travers Buda, (Fri May 16, 11:33 am)

Re: Debian libssl security (Cause???), mcb, inc., (Fri May 16, 12:06 pm)

Re: Debian libssl security (Cause???), Ted Unangst, (Fri May 16, 1:02 pm)

Re: Debian libssl security (Cause???), Otto Moerbeek, (Fri May 16, 11:36 pm)

Re: Debian libssl security (Cause???), Tim Post, (Sat May 17, 12:12 am)


linux-kernel:
FUJITA Tomonori	Re: [Scst-devel] Integration of SCST in the mainstream Linux kernel
Uwe Kleine-König	Re: [PATCH v2] ARM: allow, but warn, when issuing ioremap() on RAM
Ingo Molnar	Re: [RFC/RFT PATCH] sched: automated per tty task groups
Josef Bacik	[PATCH] fallocate.2: add FALLOC_FL_PUNCH_HOLE flag definition
Andrew Morton	Re: [PATCH v3 0/4] Introduce hardware spinlock framework
git:
Stefan Richter	Re: [kernel.org users] [RFD] On deprecating "git-foo" for builtins
Bert Wesarg	[TopGit PATCH v3 06/12] list_deps: accept -i/-w
Junio C Hamano	Re: [PATCH] Detached HEAD (experimental)
A Large Angry SCM	Re: [RFC] origin link for cherry-pick and revert
Petr Baudis	Re: PPC SHA-1 Updates in "pu"
git-commits-head:
Linux Kernel Mailing List	libata: disable ATAPI AN by default
Linux Kernel Mailing List	ARM: 5905/1: ARM: Global ASID allocation on SMP
Linux Kernel Mailing List	misc: replace remaining __FUNCTION__ with __func__
Linux Kernel Mailing List	Disallow gcc versions 4.1.{0,1}
Linux Kernel Mailing List	timer: Try to survive timer callback preempt_count leak
linux-netdev:
Arnaldo Carvalho de Melo	Re: [PATCH 06/37] dccp: Limit feature negotiation to connection setup phase
Gerrit Renker	[PATCH 1/5] dccp: Initialisation framework for feature negotiation
Daniel Lezcano	getsockopt(TCP_DEFER_ACCEPT) value change
David Miller	Re: 2.6.27.18: bnx2/tg3: BUG: "scheduling while atomic" trying to ifenslave a seco...
Badalian Vyacheslav	Re: tc filter flow hash question
openbsd-misc:
Boris Goldberg	Re: HP ProLiant DL320 v. Sun Fire V125
Stuart Henderson	Re: Kuro5hin: OpenBSD Founder Theo deRaadt Has Conflict of Interest With AMD
Karel Kulhavy	Re: No Blob without Puffy
Darrin Chandler	Re: strange output on openbsd C code
Nick Holland	Re: Install OpenBSD from USB ?