[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [d-security] Re: ssh vulnerability in the wild

On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> On Tue, 16 Sep 2003, Alexander Neumann wrote:
> 
> > According to Wichert, the security team is already working on an update.
> 
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with Privilege Separation affected?

The new version has already been installed. This was quick. Good work,
security team.

 openssh (1:3.4p1-1.1) stable-security; urgency=high

  * NMU by the security team.
  * Merge patch from OpenBSD to fix a security problem in buffer handling

 -- Wichert Akkerman <wakkerma@debian.org>  Tue, 16 Sep 2003 13:06:31 +0200

bye,

  -christian-

-- 
Beware of bugs in the above code; I have only proved it correct,
not tried it.  -- Donald E. Knuth
Reply to: