[FUG-BR] Fw: FreeBSD Kernel Critical Update

irado furioso com tudo irado em safe-mail.net
Quarta Novembro 26 10:56:30 BRST 2008



Reenvio de mensagem:

Date: Wed, 26 Nov 2008 11:08:35 +0000
From: nixCraft Linux Sys Admin Blog <vivek em nixcraft.com>
To: irado em safe-mail.net
Subject: nixCraft Linux Sys Admin Blog


FreeBSD Kernel Critical Update: arc4random predictable sequence  
vulnerability

Posted: 25 Nov 2008 09:49 AM PST
http://www.cyberciti.biz/tips/cve-2008-5162-freebsd-arc4random.html


FreeBSD today released a core (kernel) patched to plug "arc4random  
predictable sequence vulnerability" security hole in its operating
systems version 6.x and 7.x stable release. When the arc4random random
number generator is initialized, there may be inadequate entropy to
meet the needs of kernel systems which rely on arc4random; and it may
take up to 5 minutes before arc4random is reseeded with secure entropy
from the Yarrow random number generator. All security-related kernel
subsystems that rely on a quality random number generator are subject
to a wide range of possible attacks. This update has been rated as
having important security impact.

Read more: FreeBSD Kernel Critical Update: arc4random predictable
sequence vulnerability
Copyright (c) nixCraft.  All Rights Reserved. Support nixCraft when
you shop at amazon. Thanks!






-- 
saudações,
irado furioso com tudo
Linux User 179402/FreeBSD BSD50853/FUG-BR 154
Não uso drogas - 100% 
"A experiencia ensina que a mulher ideal é sempre a dos outros."
(Stanislaw Ponte Preta in "maximas ineditas de tia zulmira")


Mais detalhes sobre a lista de discussão freebsd