Archive for May 19th, 2008

Ubuntu Weekly Newsletter #91

Monday, May 19th, 2008

Welcome to the Ubuntu Weekly Newsletter, Issue 91 for the week May 11 - May 17, 2008. In this issue we cover: OpenSSL/OpenSSH vulnerability, FOSSCamp 2008 Prague, The Art of Release(Mark Shuttleworth), 5-a-day and Loco teams, Linux distro Smack Down(Podcast), Metalinks, what are those?, Ubuntu on Berlin metro system, Ubuntu featured in Vermist(Movie), and much, much more!

UWN Translations

  • Note to translators and our readers: We are trying a new way of linking to our translations pages. Please follow the link below for the information you need.

https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Translations

In This Issue

  • OpenSSL/OpenSSH vulnerability
  • FOSSCamp 2008 Prague
  • The Art of Release(Mark Shuttleworth)
  • Making 5-a-day happen in “Your Loco team”
  • Ubuntu Stats
  • Launchpad News
  • Ubuntu Forums News
  • In the Press & Blogosphere
  • In Other News
  • Upcoming Meetings & Events
  • Updates & Security

Read more …

Posted in News | No Comments »

Ubuntu Developer Summit - Day 1

Monday, May 19th, 2008

At the beginning of a new development cycle, Ubuntu developers from around the world gather to help shape and scope the next release of Ubuntu. The summit is open to the public, but it is not a conference, exhibition or other audience-oriented event. Rather, it is an opportunity for Ubuntu developers — who usually collaborate online — to work together in person on specific tasks.

Read more at The Fridge

Posted in News | No Comments »

Important Security Advisory

Monday, May 19th, 2008

A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system.

This particularly affects the use of encryption keys in OpenSSH. This vulnerability only affects operating systems which (like Ubuntu) are based on Debian. However, other systems can be indirectly affected if weak keys are imported into them.

We consider this an extremely serious vulnerability, and urge all users to act immediately to secure their systems. The following Ubuntu releases are affected: Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

ISOs available already on ubuntu.com and mirrors will not be updated with the new packages, but using the Update Manager to get security updates will replace the impacted packages. Users should then regenerate new keys.

ShipIt has stopped mailing CDs.

The 8.04.1 point release, expected in July, will include the updated packages.

Please see usn-612-2 for the latest information regarding updating your system and taking appropriate protective measures.

Ubuntu Fridge

Posted in Linux Mint, News, Ubuntu, Ubuntu derivate, Updates | No Comments »

Ubuntu Look is Digg proof thanks to caching by WP Super Cache!