Maintainers of packages creating or using keys potentially affected
by the recent openssl vulnerability are encouraged to write up
information, whether their packages are affected…..
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Maintainers of packages creating or using keys potentially affected
by the recent openssl vulnerability are encouraged to write up
information, whether their packages are affected and how users
can re-generate cryptographic key material and send it to the
Security Team.

We're working on collecting this information for major packages
already, but we can't do that for the whole archive.
You should contact us in any case, even if only to affirm our
findings.

A lot of information is already being collected on
http://wiki.debian.org/SSLkeys

Once verified or acknowledged by maintainers information will
be moved to http://www.debian.org/security/key-rollover/
which is only writable by the Debian WWW group.

Please get in touch with us at team@security.debian.org.

Cheers,
Moritz
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIK1T7Xm3vHE4uyloRAmDkAJwIp6+CBFZRtqp2qsC01wsP4IYVOwCgmWPV
W/Lr42Duk3WbfqXFcqT5LOk=
=76Qd
—–END PGP SIGNATURE—–

– To UNSUBSCRIBE, email to debian-devel-announce-REQUEST@lists.debian.org with a subject of “unsubscribe”. Trouble? Contact listmaster@lists.debian.org