On Thu, Jun 27, 2002 at 10:38:44AM +0200, Wim Fournier wrote: >http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20584 > >I just read this over at iss, it seems that the vuln only exists for >default installations of BSD and only for S-KEY and BSD authentication. > >So need to upgrade at all.. its just a way to get everyone over to 3.x i >guess... For Debian it is not nessessary to upgrade in case of these securityissues. But in ssh-3.4 are many other security fixes and bugfixes, so it is recommended to upgrade. But me is not hurry up for this and wait for the new deb ... :) Regards Jan -- .''`. Jan-Hendrik Palic | : :' : ** Debian GNU/ Linux ** | ** OpenOffice.org ** ,.. ,.. `. `' http://www.debian.org | http://www.openoffice.org ,: ..` ` `- jan.palic@linux-debian.de | ' ` `
Attachment:
pgpbj0ynNXiST.pgp
Description: PGP signature