Bug#774793: openssh: SSH uses insecure Ciphers, MACs and KexAlgorithms by default

2015-01-07 Thread Christoph Anton Mitterer
On Wed, 2015-01-07 at 18:13 +, Colin Watson wrote:
> The defaults should be changed upstream first (has anyone contacted
> them?)
Well I've had some discussions with them as I've noted in #774711, but more with respect to the issues in DH-GEX (moduli sizes, that the client basically accepts an

Processed: Re: Bug#774793: openssh: SSH uses insecure Ciphers, MACs and KexAlgorithms by default

2015-01-07 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:
> forcemerge 774793 774711
Bug #774793 [src:openssh] openssh: SSH uses insecure Ciphers, MACs and KexAlgorithms by default
Bug #774711 [src:openssh] openssh: OpenSSH should have stronger ciphers selected at least on the server side.
Severity set t

Bug#774793: openssh: SSH uses insecure Ciphers, MACs and KexAlgorithms by default

2015-01-07 Thread Christoph Anton Mitterer
forcemerge 774793 774711
stop
Hi. This is basically the same as #774711, therefore merging.
On Wed, 2015-01-07 at 18:29 +0100, comot...@krutt.org wrote:
> The attached patch updates openssh-server debian defaults through the
> postinst script according to bettercrypto.org[2], stribika[3] and

Bug#774793: openssh: SSH uses insecure Ciphers, MACs and KexAlgorithms by default

2015-01-07 Thread Colin Watson
On Wed, Jan 07, 2015 at 06:29:17PM +0100, comot...@krutt.org wrote:
> The latest batch of Snowden documents[1] has shown that misbehaving
> nationstates can decrypt many of the SSH ciphers at least some of the
> time. Every debian system ships with openssh-server and many rely on
> openssh in varie

Bug#774793: openssh: SSH uses insecure Ciphers, MACs and KexAlgorithms by default

2015-01-07 Thread comotion
Source: openssh
Severity: critical
Tags: patch security
Justification: root security hole
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
The latest batch of Snowden documents[1] has shown that misbehaving nationstates can decrypt many of the SSH ciphers at least some of the time. Every debian s