On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: > Kamaraju S Kusumanchi <kamaraju@bluebottle.com> writes: > > > Scott Gifford wrote: > > > > > >> CVE-2006-0225 OpenSSH Local SCP Shell Command Execution > >>From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch > > machine running openessh-server 4.3p2-9, this was fixed in 1:4.3p2-1 > > Thanks, from the bug tracking database it looks like this wasn't > addressed for Sarge (see bug 349645), which is unfortunate. > > > No idea about other stuff. > > > > BTW, is upgrade to Etch from Sarge not an option in your case? > > Our upgrade from Woody to Sarge was so disastrous, I will need more > time for this client to forget about it before I can propose another > upgrade. :-) > what were the woody -> sarge issues? perhaps they've been addressed... A
Attachment:
signature.asc
Description: Digital signature