Re: (fwd) OpenSSH trojan!
I wanna make it clear.
We are using OpenSSH_3.4p1 Debian 1:3.4p1-1, SSH protocols 1.5/2.0,
and we installed the ssh from the deb packages using
apt-get install utility.
I wonder if there is any risk on this stable version of OpenSSH (Debian)
undependent from openbsd's source tarball?
if there is, how can i fix it with the real stable one?
On Fri, 2 Aug 2002, Vincent Hanquez wrote:
> On Fri, Aug 02, 2002 at 03:36:53PM +0200, Florian Weimer wrote:
> > Vincent Hanquez <firstname.lastname@example.org> writes:
> > > as the others said, no.
> > > only Openbsd source package has been trojaned
> > No, both 3.4p1 and 3.2.2p1 (portable versions) have been changed, too.
> sorry i've forget a word. I was speaking of Openbsd's ftp.
> To UNSUBSCRIBE, email to email@example.com
> with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org