On Sun, Nov 11, 2001 at 06:46:30PM +0100, Andreas Metzler wrote: > Wichert Akkerman <wichert@wiggy.net> wrote: > [...] > > Anyone who thinks openssh is not more secure needs to compare codebases :) > > On the other side, OpenSSH has had its share on exploits and bugs, > too, and BTW afaics (Bug #113513) the version in Debian is still open > to which is bad, but this is also only in woody/sid, which are unreleased and not guarenteed secure. stable ssh shouldn't have this problem. > |-- RHSA-2001:114-05 > | 3. Problem description: > | > | If a user lists multiple keys in her .ssh/authorized_keys2 file, > | sshd may in some circumstances not honor the "from" option which > | can be associated with a key, thereby allowing key-based logins > | from hosts which should not be allowed access. > |---------------------- > cu andreas > -- > Hey, da ist ein Ballonautomat auf der Toilette! > Echelon: sex violence tower XXX Boom human rights Islam Kate Winslet > vim:ls=2:stl=***\ Sing\ a\ song.\ *** > > > -- > To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org > -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgppfnEEyGoDq.pgp
Description: PGP signature