SSH upgrade

To: debian-powerpc@lists.debian.org
Subject: SSH upgrade
From: Mark Lamers <mark@marklamers.nl>
Date: Tue, 20 Feb 2001 09:23:27 +0100
Message-id: <[🔎] 3A92297F.E1FBBB29@marklamers.nl>

This is part of a message I got from securityspace.com:

 Title: SSH1 CRC-32 compensation attack
 ID: 10607
 Category: Gain a shell remotely
 URL: http://www.securityspace.com/smysecure/catid.html?id=10607
 Summary: Checks for the remote SSH version
 Description:
   You are running a version of SSH which is 
   older than version 1.2.32,
   or a version of OpenSSH which is older than
   2.3.0.
   
   This version is vulnerable to a flaw which
   allows an attacker to insert arbitrary commands
   in a ssh stream.
   
   Solution :
   Upgrade to version 1.2.32 of SSH which solves this problem,
   or to version 2.3.0 of OpenSSH
   
   More information:
   http://www.core-sdi.com/english/ssh/
   
   Risk factor : High

My question is where can I find debian packages of openssh 2.3.0., I
couln't find them with apt-get

Thanks in advance

Mark Lamers

Reply to:

Follow-Ups:
- Re: SSH upgrade
  - From: Michael Schmitz <schmitz@mail.biophys.uni-duesseldorf.de>

Prev by Date: Ximian Gnome packages updated
Next by Date: Re: nautilus
Previous by thread: Re: mozilla 0.8 from penguinppc and PSM
Next by thread: Re: SSH upgrade
Index(es):
- Date
- Thread