Re: ssh vulnerability in the wild
On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with Privilege Separation affected?
There's already a new package on security.debian.org. I can't
vouch for it myself, but here's the changelog:
openssh (1:3.4p1-1.1) stable-security; urgency=high
* NMU by the security team.
* Merge patch from OpenBSD to fix a security problem in buffer handling
-- Wichert Akkerman <wakkerma@debian.org> Tue, 16 Sep 2003 13:06:31 +0200
Andrew
Reply to: