debian openssh issue with openssl 1.1.1d
Benjamin Kaduk
bkaduk at akamai.com
Tue Oct 8 10:27:17 UTC 2019
On Tue, Oct 08, 2019 at 05:23:56AM -0400, Michael Richardson wrote:
> Salvatore Bonaccorso <carnil at debian.org> wrote:
> > -------------------------------------------------------------------------
> > Debian Security Advisory DSA-4539-2 security at debian.org
> > https://www.debian.org/security/ Salvatore Bonaccorso
> > October 07, 2019 https://www.debian.org/security/faq
> > -------------------------------------------------------------------------
>
> > Package : openssh
> > Debian Bug : 941663
>
> > A change introduced in openssl 1.1.1d (which got released as DSA 4539-1)
> > requires sandboxing features which are not available in Linux kernels
> > before 3.19, resulting in OpenSSH rejecting connection attempts if
>
> I've gone through the changelog for 1.1.1d, but I can't figure out what
> 1.1.1d would have changed that would have caused this.
The RNG uses sysV shm to convey to other processes that /dev/[u]random has been
properly seeded, under some configurations/kernel versions.
-Ben
More information about the openssl-users
mailing list