Vulnerability in ssh shipped by kde.debian.net?
Hello,
kde.debian.net ships kde packages for potato systems
deb http://kde.debian.net potato main crypto optional
deb ftp://kde.debian.net/pub/kde potato main crypto optional
I think they are very popular amonst Debian stable users. I just found this
morning (Wicherts security alert on openssh did not trigger an update!), that
in optional of the above deb lines there is ssh 1:2.3.0p1-0.11.
Is this a patched version or is it a huge security risk for users of
kde.debian.net?
If this is a problem, due to the popularity of the apt-lines, I would even
suggest to send a security alert on the debian security mailing list.
Thanks.
Rainer.
--
Rainer Dorsch
Abt. Rechnerarchitektur e-mail:rainer.dorsch@informatik.uni-stuttgart.de
Uni Stuttgart Tel.: +49-711-7816-215 / Fax: +49-711-7816-288
Breitwiesenstr. 20-22 D-70565 Stuttgart
http://www.ra.informatik.uni-stuttgart.de/~rainer/
--
Rainer Dorsch
Abt. Rechnerarchitektur e-mail:rainer.dorsch@informatik.uni-stuttgart.de
Uni Stuttgart Tel.: +49-711-7816-215 / Fax: +49-711-7816-288
Breitwiesenstr. 20-22 D-70565 Stuttgart
http://www.ra.informatik.uni-stuttgart.de/~rainer/
Reply to: