On Tue, Oct 08, 2019 at 05:23:56AM -0400, Michael Richardson wrote: > Salvatore Bonaccorso <carnil@xxxxxxxxxx> wrote: > > ------------------------------------------------------------------------- > > Debian Security Advisory DSA-4539-2 security@xxxxxxxxxx > > https://www.debian.org/security/ Salvatore Bonaccorso > > October 07, 2019 https://www.debian.org/security/faq > > ------------------------------------------------------------------------- > > > Package : openssh > > Debian Bug : 941663 > > > A change introduced in openssl 1.1.1d (which got released as DSA 4539-1) > > requires sandboxing features which are not available in Linux kernels > > before 3.19, resulting in OpenSSH rejecting connection attempts if > > I've gone through the changelog for 1.1.1d, but I can't figure out what > 1.1.1d would have changed that would have caused this. The RNG uses sysV shm to convey to other processes that /dev/[u]random has been properly seeded, under some configurations/kernel versions. -Ben
