[ntp:security] [Bug 730] OpenSSL security alert

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Mon Sep 10 11:44:37 UTC 2012


https://bugs.ntp.org/show_bug.cgi?id=730

Harlan Stenn <stenn at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |blocking4.2.8?

--- Comment #5 from Harlan Stenn <stenn at ntp.org> 2012-09-10 11:44:37 UTC ---
We're still calling RSA_generate_key() with an exponent of 3.

This may not be a problem with newer versions of OpenSSL.

I'm curious about the performance impact of changing the exponent to 5 or
65537.

-- 
Configure bugmail: https://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list