Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » OpenBSD downplays PRNG vulnerability in LibreSSL

OpenBSD downplays PRNG vulnerability in LibreSSL

2014/07/16

Securityweek - (International) A researcher with Opsmate reported finding a flaw in the pseudorandom number generator (PRNG) in LibreSSL for Linux. Representatives of the OpenBSD Project confirmed that the issue exists but stated that the now-fixed problem was unlikely to be exploitable in real world conditions.

Source: http://www.securityweek.com/openbsd-downplays-prng-vulnerability-libressl

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:20:57