Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Login

If you don't have an account yet, visit the registration page to sign up.

If you already have an account, you may login here:

Today's Big Story

How to Set Up a Separate /home Partition on Linux

LXer Features

Encryption, Trust, and the Hidden Dangers of Vendor-Controlled Data

My Linux Mint Tribute

How I Turned My Chromebook Into A "Mintbook"

Adventures With My New Chromebook

My Linux Laptop

Laptop Dual Boot Project: Part 2

Have something to say?

Ready to be published? LXer is read by around 350,000 individuals each month, and is an excellent place for you to publish your ideas, thoughts, reviews, complaints, etc. Do you have something to say to the Linux community?

Publish it here.

DaniWeb Linux Community
An exciting professional discussion group about software development, php, shell scripting, networking, ruby, and more.

Latest Discussions

Anyone remember Distrotest.net? I found a new one!

This is really cool, and a big deal for Linux too.

My RSS reader can't find LXer's feed

A great and free Task Manager plus!

I have some ideas..

Install of HYPRLAND on Arch Cosmic (ML4W 2.9.6.1-1) via Paru

Please add https to lxer.com

Why are flatpaks so HUGE?

So Microsft gets to decide?

All that's great, but.....

More...

Site Menu

Other News

- LWN.net
Their weekly coverage of Linux news is unmatched in this community.

- LinuxGizmos.com
Excellent news for embedded Linux.

- LinuxQuestions.org
Discussion forums for Linux users.

LinuxQuestions.org is a friendly and active Linux Community with forums, reviews, a hardware compatibility list, a wiki, tutorials, a download site, a podcast and more.

Comodo Offers Free Replacement Certificate to any Individuals Affected by Debian Vulnerability Flaw

Posted by tuxchick on May 22, 2008 1:36 PM EDT
comodo.com

Mail this story
Print this story

Comodo, a global leader in Identity and Trust Assurance Management solutions, announced today that it would offer free SSL certificates to any online businesses affected by the security flaw recently detected in Debian - the LINUX distribution. While Comodo stressed that the SSL certificates it issued are not vulnerable (it is the private keys generated by the users that may be vulnerable), it is offering assistance to Comodo customers as well as to anyone using a competitive SSL certificate from VeriSign or others by offering a new SSL certificate free of charge.

Comodo issues security advisory on Debian vulnerability flaw, confirming that while Comodo Certificates are unaffected, some certificates created using Debian Distribution are vulnerable which is why Comodo is offering free replacement services for affected SSL certificates - regardless of original certificate provider.

Jersey City, NJ (May 21, 2008) - Comodo, a global leader in Identity and Trust Assurance Management solutions, announced today that it would offer free SSL certificates to any online businesses affected by the security flaw recently detected in Debian - the LINUX distribution. While Comodo stressed that the SSL certificates it issued are not vulnerable (it is the private keys generated by the users that may be vulnerable), it is offering assistance to Comodo customers as well as to anyone using a competitive SSL certificate from VeriSign or others by offering a new SSL certificate free of charge.

The security flaw (discovered last week) affects OpenSSL in Debian versions of the Linux operating system. The security flaw allows brute forcing of vulnerable keys and could lead to a compromise of secure communications using the keys. To support and assist affected merchants in their efforts to remedy the problem, Comodo is offering free replacement certificates for any certificate that may have been compromised, even if the original certificate was provided by another company. Affected users are advised to replace their certificates in order to ensure the security of their sensitive data including passwords, financial accounts, credit card numbers, and identities. Comodo customers can log into their accounts and replace their certificates with a new CSR (Certificate Signing Request). Customers should update the OpenSSL package to the latest version, create a new CSR and key pair then proceed to replace the affected certificate. Non Comodo customers can visit: http://www.instantssl.com ssl-certificate-support/debian/ssl-certificate-contact.html to get the free certificate. Other security information regarding this vulnerability can be viewed at; http://lists.debian.org/debian-security-announce/2008/msg001...

"We are making this offer for a free replacement SSL certificate to any affected business, regardless of their original provider because we recognize that SSL certificates are a pivotal foundation of a trusted Internet," said Melih Abdulhayoglu, CEO and Chief Security Architect of Comodo. "SSL certificates working properly are essential to the success of online commerce, and we are giving free certificates as an incentive to encourage immediate remedial action. Our free offer is intended to remove any barriers from businesses needing to correct these certificates."

More information can be obtained at Comodo's Knowledge Base at; https://support.comodo.com/index.php?_m=knowledgebase&_a=vie...

Full Story

Nav

» Read more about: Story Type: Press Release; Groups: Debian, Linux

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.

Linux NewsThe world is talking about GNU/Linux and Free/Open Source Software