|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Chris Jones (chris
cjones.org)Date: Wed Feb 14 2001 - 10:54:22 CST
itojuniijlab.net writes:
> >So, with the latest round of ssh security problems, it would seem
> >important that openssh install and run flawlessly on a 1.5 system.
>
> openssh shipped with 1.5 (/usr/sbin/sshd) has the fix to
> http://razor.bindview.com/publish/advisories/adv_ssh1crc.html.
> the version number seems to older than the advisory, but
> the fix is there.
Excellent. But our users don't know that, because we haven't made any
announcement (unless I missed it).
If there are new features (or especially bug fixes) in pkgsrc openssh
(2.3) that aren't in 1.5's openssh (2.2), then we should make sure
that pkgsrc openssh can install on a 1.5 system.
If there are no such new features, then pkgsrc openssh should refuse
to install on a 1.5 system, and it should give a clear explanation of
why, to avoid confusion.
Chris
-- ----------------------------------------------------- chris
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]