Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 03 May 2014 11:29:35 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: Open Source Security <oss-security@...ts.openwall.com>
Subject: ldns-keygen creates private key world readable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ldns-keygen creates private key world readable

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746758

Same argument as GPG I suppose, so probably deserves a CVE.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTZSd/AAoJEBYNRVNeJnmTmugP/jNYcpGML64bLcSGrD+D4and
KasTcWoYXmM8wLakBsbpQ498p2j2fTzHh3MnI68eESgvSoxUTV31FirBpAejJe85
c6XmIcKb+qZ0MSpfT26nPtW6ypptn2d2kDtu4cgZxjbTgBH1z+KuEwkF+XClB9VO
lbPAitmOM6aCCX0ccnK9UDVYLBDurorK5MNeC5QiCVp3wdrgiEo3pvJAp8bEAMdl
9RQR/EHxXnJqmEQgW1E2A740abpNELU4NSlYM3HQ+3v2hHFErSv2iH5ypuuqaXMc
53NHbBfbQBaEmckapIzQUhJoG1CZFgl1VEiqH4nchvzpkG18pTM8feY9n2CrqTXQ
d3c4kOZv9UPWWipyabqCWrW+qcdqXPYJNi0x1g+a6JjCKkutPrJd14EX5J/Hr9of
bABuyh8cuk8UUIxTL/+jX08zSXyUbB9P3tLF1SOlpnshhuWqk4u58gHuG4q44ceS
BD/G0yZvFQfyApuVzUC7oXuUahGrgSnROljnJgLRo7+VCIXBSgn+i+FtWqjy4oeB
sJme5MfJrwl9lVPutDYivNN5WmDj6plwSeS4xCIQS8K8yXG/dg7UN05B/JGbVbgV
JPSGLbwVLQV7n8Z/J6OMG9iZEO/WDlSTd94DQXA9PaijL5aXdoovjr+8pKpsct9p
LmYIkD0zvbgYOjkJ/U9Z
=knsT
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ