Your message dated Tue, 09 Jun 2009 22:07:56 +0200
with message-id <1244578076.4108.2.ca...@tomoyo>
and subject line Re: Processed: your mail
has caused the Debian Bug report #532518,
regarding predictable random number generator used in web browsers
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
532518: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=532518
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: webkit
severity: serious
tags: security
hello,
it has been discovered that all of the major web browsers use a
predictable pseudo-random number generator (PRNG). please see
reference [0]. the robust solution is to switch to a provably
unpredictable PRNG such as Blum Blum Shub [1,2].
[0] http://www.trusteer.com/temporary-user-tracking-in-major-browsers
[1] Lenore Blum, Manual Blum, and Michael Shub, "A Simple Unpredictable
Pseudo-Random Number Generator," SIAM Journal on Computing, volume 15,
pages 364-383, May 1986.
[2] http://rng.doesntexist.org/gmpbbs
--- End Message ---
--- Begin Message ---
Le mardi 09 juin 2009 à 19:30 +0000, Debian Bug Tracking System a
écrit :
> > reassign -3 epiphany-browser
> Bug#532518: predictable random number generator used in web browsers
> Bug reassigned from package `webkit' to `epiphany-browser'.
Epiphany uses either xulrunner or webkit, but does not include its own
PRNG.
Cheers,
--
.''`. Josselin Mouette
: :' :
`. `' “I recommend you to learn English in hope that you in
`- future understand things” -- Jörg Schilling
signature.asc
Description: Ceci est une partie de message numériquement signée
--- End Message ---
