|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Peter Brezny (peter
skyrunner.net)Date: Tue Jul 02 2002 - 07:47:37 CDT
I've been trying to get clear on whether or not freebsd-stable (4.6-STABLE
FreeBSD 4.6-STABLE #0: Sat Jun 29 00:37:13 EDT 2002) has resolved the
problem listed in CA-2002-18 from CERT.
it doesn't appear so since it's running Openssh_2.9 and
http://openssh.org/txt/preauth.adv clearly says that freebsd is vulnerable.
I _THOUGHT_ i found something on the freebsd site stating that OpenSSH_2.9
FreeBSD localisations 20020307 was not vulnerable, however, I can't find it
now.
Since there doesn't appear to be a security advisory or notice from the
freebsd security team on this one yet, what's the best thing to do?
Manually update to openssh 3.4? Is an update to the base system in the
works?
TIA
Peter Brezny
Skyrunner.net
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]