[Bug 1381359] Re: [SRU] ship new public cert
Dustin Kirkland
dustin.kirkland at gmail.com
Wed Oct 15 07:40:51 UTC 2014
After updated package:
kirkland at x230:~⟫ sudo pollinate -r
[sudo] password for kirkland:
Oct 15 09:40:38 x230 pollinate[7392]: system was previously seeded at [2014-10-15 09:36:58.285035647 +0200]
Oct 15 09:40:38 x230 pollinate[7402]: client sent challenge to [https://entropy.ubuntu.com/]
Oct 15 09:40:39 x230 pollinate[7426]: client verified challenge/response with [https://entropy.ubuntu.com/]
Oct 15 09:40:39 x230 pollinate[7436]: client hashed response from [https://entropy.ubuntu.com/]
Oct 15 09:40:39 x230 pollinate[7438]: client successfully seeded [/dev/urandom]
** Description changed:
Pollinate ships entropy.ubuntu.com's public certificate for tighter
security.
This certificate has been updated and pollinate needs to be updated.
+
+ [Impact]
+ Any new 14.04 (Trusty) cloud instance with a down-level version of pollinate will fail to seed their PRNG from entropy.ubuntu.com.
+
+ [Test Case]
+ Run:
+ $ sudo pollinate -r
+ to reseed your PRNG. If you have the old version of pollinate, you'll get certificate errors (See Comment #1), and it will exit non-zero. If you have the new version (already uploaded to ppa:pollinate/ppa, utopic, trusty-proposed), it will work again and exit zero (see Comment #2).
+
+ [Regression Potential]
+ Negligible. A single file is updated with a new public SSL certificate for https://entropy.ubuntu.com, in /etc/pollinate/entropy.ubuntu.com.pem
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to pollinate in Ubuntu.
https://bugs.launchpad.net/bugs/1381359
Title:
[SRU] ship new public cert
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pollinate/+bug/1381359/+subscriptions
More information about the Ubuntu-server-bugs
mailing list