Version 1.0.10 of Mandos is released: SECURITY BUG FIX!

Teddy Hogeborn teddy at fukt.bsnet.se
Sun May 17 16:45:13 CEST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Teddy Hogeborn <teddy at fukt.bsnet.se> writes:

> Bug Impact and Recovery
> =======================
[...]
> Paranoia level 1: Change the Mandos client keys (since they have
>                   been readable), and change the encrypted root file
>                   system password (since it's possible it has been
>                   revealed).  The procedure is roughly as follows:
>                   
>                   * Run the following commands on the Mandos client:
[...]

I forgot to add the last step of the paranoia level 1 procedure:
After creating new Mandos client keys, run the command
"update-initramfs -k all -u" on the Mandos client to rebuild the
initrd image file to contain the new keys.

Again, we apologise for the inconvenience.

/Teddy Hogeborn

- -- 
The Mandos Project
http://www.fukt.bsnet.se/mandos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFKECL8OWBmT5XqI90RAtNDAJ4otGS/mnR8Twv5UGS/wwc9B1HlOACgw66+
+ff87slnA0F/eN+hvt1XLas=
=Lkzt
-----END PGP SIGNATURE-----

