Hi, and sorry if this has already been reported, It seems to me this upload should be propagated to security.debian.org: http://packages.qa.debian.org/o/openssh/news/20080513T150212Z.html Ubuntu did so on their side and also published a seperate advisory: http://www.ubuntu.com/usn/usn-612-2 Without this, the problem is much harder to deploy on multiple machine so I strongly recommend pushing this as a security update. A. -- Antoine Beaupré Réseau Koumbit Networks +1.514.387.6262
Attachment:
signature.asc
Description: Digital signature