Re: DSA-134-1
Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE> writes:
> Wichert Akkerman <wichert@wiggy.net> writes:
>
>> Definitely. I really wish we could do more but the complete lack
>> of more information we have make things difficult. Backporting
>> OpenSSH 3.3p1 to to potato is also slightly complicated by missing
>> build dependencies, but we hope to have packages ready sometime
>> tomorrow.
>
> Is this worth the effort if there's still a remote nobody exploit?
> At least that's the way understand the DSA.
Well, it appears if OpenSSH 1.2.3 was *not* vulnerable, so the whole
exercise was rather pointless.
Thanks, Theo.
--
Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT fax +49-711-685-5898
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to:
- References:
- DSA-134-1
- From: Anthony DeRobertis <asd@suespammers.org>
- Re: DSA-134-1
- From: Wichert Akkerman <wichert@wiggy.net>
- Re: DSA-134-1
- From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>