[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Critical: ssh-nonfree IS exploited

On Sun, Nov 11, 2001 at 03:30:34PM -0500, James A. Treacy wrote:
> On Sun, Nov 11, 2001 at 02:23:48PM -0500, kcr@debian.org wrote:
> > Gosh, just because they're not ideologically pure enough, people who
> > installed software from our ftp servers with our installers can go
> > ahead and get broken into?  IMAO, this doesn't make us good network
> > citizens, and probably doesn't improve our image in the eyes of the
> > people getting shafted by this.  Someone should at least pull
> > ssh-nonfree out of stable so nobody installs a new copy.
> 
> All the developers are volunteers. If you feel something is that
> important do it yourself, i.e. make a fixed package.

A fixed package has *already* been produced. The issue, AIUI, is getting
an announcement out on debian-security-announce, and only the security
team can do that.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
Reply to: