Re: Critical: ssh-nonfree IS exploited
On Sun, Nov 11, 2001 at 03:30:34PM -0500, James A. Treacy wrote:
> On Sun, Nov 11, 2001 at 02:23:48PM -0500, kcr@debian.org wrote:
> > Gosh, just because they're not ideologically pure enough, people who
> > installed software from our ftp servers with our installers can go
> > ahead and get broken into? IMAO, this doesn't make us good network
> > citizens, and probably doesn't improve our image in the eyes of the
> > people getting shafted by this. Someone should at least pull
> > ssh-nonfree out of stable so nobody installs a new copy.
>
> All the developers are volunteers. If you feel something is that
> important do it yourself, i.e. make a fixed package.
A fixed package has *already* been produced. The issue, AIUI, is getting
an announcement out on debian-security-announce, and only the security
team can do that.
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: