GSA-6292-1: haveged Security Update
Gnoppix Security has released a security update for haveged, fixing a vulnerability that could allow denial of service.
What is the issue? A bug in the entropy daemon could cause a crash under specific conditions.
Who is affected? Users running haveged on Gnoppix 23/25 and Gnoppix 25.
Action required: Administrators should upgrade the haveged package immediately.
Technical details: The flaw is in the handling of random number generation requests. An attacker could exploit it to crash the service, starving the system of entropy.
Mitigation: No temporary workaround is available. Installation of the updated package is mandatory.
High-value insight: This update prevents system instability by ensuring continuous entropy supply for cryptographic operations.
Affected versions: All haveged packages prior to this release are vulnerable on the specified Gnoppix releases. - Please update your systems.