Re: Vulnerability in ssh shipped by kde.debian.net?
> Previously Rainer Dorsch wrote:
> > Is this a patched version or is it a huge security risk for users of
> > kde.debian.net?
>
> Not really, it's only a risk if you have enabled UseLogin manually and
> have local users you don't trust.
>
kde.debian.net ships verion 2.3.0px of ssh. I think this version does not only
have the vulnerability fixed by the latest ssh security update.
Rainer.
--
Rainer Dorsch
Abt. Rechnerarchitektur e-mail:rainer.dorsch@informatik.uni-stuttgart.de
Uni Stuttgart Tel.: +49-711-7816-215 / Fax: +49-711-7816-288
Breitwiesenstr. 20-22 D-70565 Stuttgart
http://www.ra.informatik.uni-stuttgart.de/~rainer/
Reply to: