patch your systems - new openssh exploit out
Jerry Feldman
gaf at blu.org
Wed Sep 17 07:34:00 EDT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
According to SuSE, 3.5p1.
On Tue, 16 Sep 2003 22:58:37 -0400
Johannes Ullrich <jullrich at euclidian.com> wrote:
>
> To make things more interesting, there have been two OpenSSH updates
> today. The first one, released early morning as 3.7p1 fixed buffer.c.
> Later (couple hours ago), 3.7.1 was released. According to the notes,
> it fixes additional issues.
>
>
> I am not sure which version made it into the updates
> various distros released.
>
>
> On Tue, 2003-09-16 at 22:05, Jerry Feldman wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On Tue, 16 Sep 2003 18:37:52 -0400
> > "Clint M. Sand" <clint at neotrance.dyndns.org> wrote:
> >
> > >
> > > There's a new openssh exploit out. A patch is released for
> > > openbsd. and OpenSSH 3.7 is now out to address the problem on
> > > other platforms(linux)
> > >
> > > Just in case its not obvious, this has huge implications. Upgrade
> > > asap.
> > I noticed that my SuSE Update Checker was red, indicating there was
> > a security patch available. One of the patches was the OpenSSH
> > patch.
- --
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix user group
http://www.blu.org PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
iD8DBQE/aEao+wA+1cUGHqkRAlmaAJwPyUVfkvQRIl2J5vdu4/pYKOrmPgCfaTjA
fW4l9eTlkAdeECGl5lxqd/8=
=jkF5
-----END PGP SIGNATURE-----
More information about the Discuss
mailing list