Re: debian potato's SSH not affected by SSH bug?

To: debian-user@lists.debian.org
Subject: Re: debian potato's SSH not affected by SSH bug?
From: Alan Shutko <ats@acm.org>
Date: Wed, 26 Jun 2002 15:06:31 -0400
Message-id: <[🔎] 87ptydyi4o.fsf@wesley.springies.com>
In-reply-to: <[🔎] 3D1A0ED5.6040700@tux.obix.com>
References: <[🔎] 63926.10.121.110.34.1025116162.squirrel@webmail.linuxpowered.net> <[🔎] 3D1A0ED5.6040700@tux.obix.com>

Phil Brutsche <phil@tux.obix.com> writes:

> No, potato's ssh packages are vunlerable and updates have been made
> available; DSA-134 contains all the necessary information:
> http://www.debian.org/security/2002/dsa-134.

That DSA does not contain all the information currently available,
because it was written before the actual problem was known.

"Theo de Raadt announced that the OpenBSD team is working with ISS to
address a remote exploit for OpenSSH (a free implementation of the
Secure SHell protocol). They are refusing to provide any details on
the vulnerability but instead are advising users to upgrade to the
latest release, version 3.3."

-- 
Alan Shutko <ats@acm.org> - In a variety of flavors!
WinErr: 013 Unexpected error - Huh ?

-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- debian potato's SSH not affected by SSH bug?
  - From: "nate" <debian-user@aphroland.org>
- Re: debian potato's SSH not affected by SSH bug?
  - From: Phil Brutsche <phil@tux.obix.com>

Prev by Date: Re: ssh difference v3.3 vs. 3.4 ???
Next by Date: Re: ssh difference v3.3 vs. 3.4 ???
Previous by thread: Re: debian potato's SSH not affected by SSH bug?
Next by thread: new ssh and "Accepted hostbased" in logs
Index(es):
- Date
- Thread