Re: Ssh2-packet still secure?
On Wed, Sep 17, 2003 at 12:01:31AM +0200, Bas Zoetekouw wrote:
> You wrote:
> > I use ssh2 (2.0.13-7) on my webserver. As far as I can see this
> > packet has not been updated since Sat, 15 Dec 2001 12:43:25 +0000.
> > My question is if this packet is still considered secure and
> > reliable to use after all OpenSSH-bugs, since it's not updated for
> > almost 2 years, or is that because it's considered outdated?
> AFAIK, the ssh2 package was removed ages ago because of it having
> security bugs and it being obsoleted by openssh. As far as I can see,
> it's not even present in woody any more.
It is still present in woody; you need to look in non-US, though.
I've filed bug #211331 asking for it to be removed from stable too.
Colin Watson [firstname.lastname@example.org]