[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Changes to sks-keyservers.net pools
From: |
Jeremy T. Bouse |
Subject: |
Re: [Sks-devel] Changes to sks-keyservers.net pools |
Date: |
Tue, 06 May 2014 08:55:40 -0400 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.4.0 |
On 05/06/2014 05:08 AM, Kristian Fiskerstrand wrote:
> Dear lists,
>
> Following the release of SKS 1.1.5[0] the following changes will be
> made to the pools of sks-keyservers.net
>
> subset.pool.sks-keyservers.net has been set to a minimum requirement
> of SKS 1.1.5 with immediate effect.
>
> Due to CVE-2014-3207[1] I want to bump hkps.pool.sks-keyservers.net to
> a requirement of 1.1.5 as this can potentially be in another security
> context / zone, however I'm giving this a grace period of (at least)
> 45-60 days to allow server administrators to upgrade their servers.
>
> I'm not making any changes to the main pool at this point.
>
> References:
> [0] http://lists.nongnu.org/archive/html/sks-devel/2014-05/msg00026.html
> [1] http://www.openwall.com/lists/oss-security/2014/05/01/16
>
For those that do run Debian... BTS #746626 has been opened as Important
and tagged as 'security upstream fixed-upstream' for 1.1.5 so hopefully
the maintainer team will get it updated within Jessie soon which will
then trigger the BPO for Wheezy.
Re: [Sks-devel] Changes to sks-keyservers.net pools, Dinko Korunic, 2014/05/06
Re: [Sks-devel] Changes to sks-keyservers.net pools, Daniel Austin, 2014/05/06