Re: (fwd) OpenSSH trojan!
I wanna make it clear.
We are using OpenSSH_3.4p1 Debian 1:3.4p1-1, SSH protocols 1.5/2.0,
OpenSSL 0x0090603f
and we installed the ssh from the deb packages using
apt-get install utility.
I wonder if there is any risk on this stable version of OpenSSH (Debian)
undependent from openbsd's source tarball?
if there is, how can i fix it with the real stable one?
sincerely.
On Fri, 2 Aug 2002, Vincent Hanquez wrote:
> On Fri, Aug 02, 2002 at 03:36:53PM +0200, Florian Weimer wrote:
> > Vincent Hanquez <tab@crans.org> writes:
> >
> > > as the others said, no.
> > > only Openbsd source package has been trojaned
> >
> > No, both 3.4p1 and 3.2.2p1 (portable versions) have been changed, too.
>
> sorry i've forget a word. I was speaking of Openbsd's ftp.
>
> --
> Tab
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: