Re: [Hampshire] OpenSSL in Debian is broken

Author: Hugo Mills
Date:  
To: Hants LUG
Subject: Re: [Hampshire] OpenSSL in Debian is broken

gpg: Signature made Tue May 13 13:36:31 2008 BST
gpg: using DSA key 20ACB3BE515C238D
gpg: Can't check signature: No public key
On Tue, May 13, 2008 at 01:34:04PM +0100, Hugo Mills wrote:
>    All -
>
>    This is kind of related to my talk on Saturday, but is important in
> its own right:
>
> http://lists.debian.org/debian-security-announce/2008/msg00152.html
>
>    Basically, Debian managed to introduce a bug into their OpenSSL
> packages a couple of years ago that made the "random" numbers it
> generates predictable. This is a Bad Thing. They're recommending
> regenerating *all* of the cryptographic keys, certificates and
> signatures that you've made with the affected versions. See the link
> for more details.

Sorry, forgot to mention -- this affects SSH, OpenVPN, DNSSEC and
all X.509 certificates and sessions. It doesn't affect GPG keys,
fortunately.

Hugo.

-- 
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
  PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
                   --- Ceci n'est pas une pipe:  | ---