Re: open ssh exploit - user not getting created
Previously Sean McAvoy wrote:
> I was a little hasty in my first reply. It is a noted bug
> (http://bugzilla.mindrot.org/show_bug.cgi?id=285)
> Disabling compression will solve the problem on 2.2.x kernels.
> (Compression no)
Actually our package contains a patch from Solar Designer to make
privsep work on 2.2 kernels. It might still be broken on 2.0 kernels
though, but I have no concrete information on that.
Wichert.
--
_________________________________________________________________
/wichert@wiggy.net This space intentionally left occupied \
| wichert@deephackmode.org http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250 2FA3 BC2D |
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: