Which ssh should I have?

To: debian-security@lists.debian.org
Subject: Which ssh should I have?
From: Ville Uski <frtvu@fy.chalmers.se>
Date: Wed, 7 Nov 2001 13:33:49 +0100
Message-id: <[🔎] 20011107133349.G56083@g7-mac10.fy.chalmers.se>

Hi,

I just joined the list after the admin of the network in my house had
complained that sshd running in my computer is "remotely exploitable". I
asked for more details and he only said it's the bug in the crc32 bit.
He also told me to install the newest version of openssh. The problem is
now which package I should install. I tried ssh-nonfree, but it
complained that some of the dependences is not installable. I'm not very
familiar with this issue. I couldn't find much information on it on
debian pages. The ssh package I currently have is
ssh_1.2.3-9.3_i386.deb. 

I have understood that the crc32 bug was already found in February so I
find it hard to believe that it's not already fixed on debian (I'm
running woody on a laptop PC). I should have all the security fixes
installed on my system (there is this security.debian.org line on my
sources.list file). 

Thanks for any information,
Ville

Reply to:

Follow-Ups:
- Re: Which ssh should I have?
  - From: Osvaldo Mundim Junior <osvaldo@arcom.com.br>
- Re: Which ssh should I have?
  - From: jigal <hangoor@xs4all.nl>

Prev by Date: Re: question about something, but don't know if it exists...
Next by Date: Re: Which ssh should I have?
Previous by thread: Re: question about something, but don't know if it exists...
Next by thread: Re: Which ssh should I have?
Index(es):
- Date
- Thread