Bug#536182: rumours of openssh attack, upgrade sid?

To: 536182@bugs.debian.org
Cc: team@security.debian.org
Subject: Bug#536182: rumours of openssh attack, upgrade sid?
From: "Thijs Kinkhorst" <thijs@debian.org>
Date: Wed, 8 Jul 2009 09:03:15 +0200
Message-id: <[🔎] a58abf67809e9f7191b86df192bd2ff8.squirrel@wm.kinkhorst.nl>
Reply-to: "Thijs Kinkhorst" <thijs@debian.org>, 536182@bugs.debian.org

Hi,

You may have heard of the rumours that there's a new OpenSSH exploit but
it's unclear what this exploit actually is or whether it even exists:
http://isc.sans.org/diary.html?storyid=6742

However, one consistent claim is that the "current version" of OpenSSH
isn't affected. It would make sense to me to get at least unstable/sid
updated with the most recent upstream version, as it wouldn't hurt. Do you
as openssh maintainers think you can do this in the short term? This is at
least some potentially mitigating action we can already take.


cheers,
Thijs

Reply to:

Follow-Ups:
- Bug#536182: rumours of openssh attack, upgrade sid?
  - From: Florian Weimer <fw@deneb.enyo.de>
- Bug#536182: rumours of openssh attack, upgrade sid?
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Bug#536182: openssh: upstream version (5.2) available
Next by Date: Bug#536182: rumours of openssh attack, upgrade sid?
Previous by thread: Bug#536182: openssh: upstream version (5.2) available
Next by thread: Bug#536182: rumours of openssh attack, upgrade sid?
Index(es):
- Date
- Thread