[TriLUG] Fwd: Upcoming OpenSSH vulnerability *unverified*
Dan Chen
crimsun at email.unc.edu
Tue Jun 25 04:20:56 EDT 2002
On Mon, Jun 24, 2002 at 07:39:56PM -0400, H. Wade Minter wrote:
> Be ready for this SSH stuff coming down the pike...
> >http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102495293705094&q=raw
Oh yes, a nasty one at that.
For the impatiently paranoid, I've built OpenSSH-3.3p1 x86 debs for sid
(but should also work on woody as long as you recompile, since the
libssl0.9.6 versions differ [0.9.6d-1 in sid, 0.9.6c-2 in woody]). In
fact, I urge you if you use my diffs to recompile them on your machine.
I can't be completely trusted. [And there's always the possibility that
I overlooked something despite my having poured over the source]
http://www.unc.edu/~crimsun/debian-ssh/
Let's hope other vendors crank out updates before the rest hits BUGTRAQ.
--
Dan Chen crimsun at email.unc.edu
GPG key: www.unc.edu/~crimsun/pubkey.gpg.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20020625/fa8ba999/attachment.pgp>
More information about the TriLUG
mailing list