[2/5] FreeBSD sys_dev_random Random Data Replay Vulnerability
A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to an error within the sys_dev_random module when supplying random data. This can be exploited to determine fragments of random data previously generated and e.g. break a cryptographic algorithm that uses the random or urandom device.

The vulnerability affects all supported versions of FreeBSD.

Solution:
Update FreeBSD or apply patch.

Fixed versions:
2007-11-29 16:05:38 UTC (RELENG_7, 7.0-BETA4)
2007-11-29 16:06:12 UTC (RELENG_6, 6.3-PRERELEASE)
2007-11-29 16:06:54 UTC (RELENG_6_3, 6.3-RC2)
2007-11-29 16:07:30 UTC (RELENG_6_2, 6.2-RELEASE-p9)
2007-11-29 16:07:54 UTC (RELENG_6_1, 6.1-RELEASE-p21)
2007-11-29 16:08:54 UTC (RELENG_5, 5.5-STABLE)
2007-11-29 16:09:26 UTC (RELENG_5_5, 5.5-RELEASE-p17)

Patch for FreeBSD 5.5, 6.1, and 6.2:
http://security.FreeBSD.org/patches/SA-07:09/random.patch
http://security.FreeBSD.org/patches/SA-07:09/random.patch.asc

Provided and/or discovered by:
The vendor credits Robert Woolley.

Original Advisory:
http://security.FreeBSD.org/advisories/FreeBSD-SA-07:09.random.asc

Original post by nitish