Re: [d-security] Re: ssh vulnerability in the wild
On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> On Tue, 16 Sep 2003, Alexander Neumann wrote:
>
> > According to Wichert, the security team is already working on an update.
>
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with Privilege Separation affected?
The new version has already been installed. This was quick. Good work,
security team.
openssh (1:3.4p1-1.1) stable-security; urgency=high
* NMU by the security team.
* Merge patch from OpenBSD to fix a security problem in buffer handling
-- Wichert Akkerman <wakkerma@debian.org> Tue, 16 Sep 2003 13:06:31 +0200
bye,
-christian-
--
Beware of bugs in the above code; I have only proved it correct,
not tried it. -- Donald E. Knuth
Reply to: