Bug#211324: ssh: Further potential security bugs

To: Ewen McNeill <ewen@basilica.la.naos.co.nz>, 211324@bugs.debian.org
Subject: Bug#211324: ssh: Further potential security bugs
From: Colin Watson <cjwatson@debian.org>
Date: Wed, 17 Sep 2003 02:26:19 +0100
Message-id: <[🔎] 20030917012619.GA386@riva.ucam.org>
Reply-to: Colin Watson <cjwatson@debian.org>, 211324@bugs.debian.org
In-reply-to: <[🔎] 20030917010419.CF1A63C486E7@basilica.la.naos.co.nz>
References: <[🔎] 20030917010419.CF1A63C486E7@basilica.la.naos.co.nz>

On Wed, Sep 17, 2003 at 01:04:19PM +1200, Ewen McNeill wrote:
> Package: ssh
> Version: 1:3.4p1-1.1
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> Further to bug 211205 which was resolved by DSA-382-1:
> 
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=211205
> 
> the OpenBSD project have released OpenSSH 3.7.1 which contains further
> updates for similar issues to the one fixed by OpenSSH 3.7.

Yup, this had been drawn to my attention. Fixes are underway already.

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

Follow-Ups:
- Bug#211324: ssh: Further potential security bugs
  - From: "Adam M. Costello" <bug.amc+3@nicemice.net>

References:
- Bug#211324: ssh: Further potential security bugs
  - From: Ewen McNeill <ewen@basilica.la.naos.co.nz>

Prev by Date: Accepted openssh 1:3.6.1p2-7 (i386 source)
Next by Date: Bug#211205: Another patch needed maybe for ssh?
Previous by thread: Bug#211324: ssh: Further potential security bugs
Next by thread: Bug#211324: ssh: Further potential security bugs
Index(es):
- Date
- Thread