512-bit keys are not supported

Bug #231014 reported by Justin Mason
Affects: openssl-blacklist (Ubuntu)
Status: Fix Released
Importance: Wishlist
Assigned to: Unassigned

Bug Description

Binary package hint: openssl-blacklist

: jm 29...; openssl-vulnkey tst512.key
Key has unknown validity: tst512.key

: jm 30...; openssl rsa -text -in tst512.key
Private-Key: (512 bit)
[...]

Looking at the source, it appears there is only blacklist data for 1024-bit and 2048-bit keys. This is undocumented in the manpage or -h output, and the "Key has unknown validity" message doesn't hit towards this either.

Justin Mason (jm-ubuntu) wrote :

er, s/hit/hint/ ;)

Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this bug. Additional blacklists for 512 and 4096 bit keys are planned.

Changed in openssl-blacklist:
importance: Undecided → Wishlist
status: New → Triaged
Changed in openssl-blacklist:
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssl-blacklist - 0.3.3+0.4-0ubuntu0.8.04.1

---------------
openssl-blacklist (0.3.3+0.4-0ubuntu0.8.04.1) hardy-security; urgency=low

  * allow checking of certificate requests
  * only check moduli with an exponent of 65537 (the default on Debian/Ubuntu)
  * update gen_certs.sh for when ~/.rnd does not exist when openssl is run
    which can happen with openssl 0.9.8g and higher
  * update gen_certs.sh to use '0' (in case of PID randomization)
  * added more examples
  * only prompt once for password (Closes: #483500)
  * properly cache database reads when bits are same
  * added '-m' and '-b' arguments. This is helpful for applications calling
    openssl-vulnkey when the modulus and bits are known, such as openvpn.
  * man page updates
  * added test.sh
  * added blacklists for when ~/.rnd does not exist when openssl is run
    (LP: #232104)
  * added 512 bit and partial 4096 blacklists (need le64) (LP: #231014)
  * reorganized source databases, and ship the new gen_certs.sh format
  * debian/rules: updated to use new blacklist format and organization
  * create openssl-blacklist-extra package (but don't ship 4096 yet)
  * Modify Maintainer value to match the DebianMaintainerField
    specification.

 -- Jamie Strandboge <email address hidden> Wed, 11 Jun 2008 16:36:27 -0400

Changed in openssl-blacklist:
status: Fix Committed → Fix Released