[TriLUG] Remote exploit in SSH
Jeremy Portzer
jeremyp at pobox.com
Tue Sep 16 13:33:27 EDT 2003
Actually, the place to look for RPMs for Red Hat Linux is the Red Hat web
site. If you check https://rhn.redhat.com/errata/rh9-errata-security.html
, you'll see that there has not yet been an errata released for this
advisory. I'd expect there will be one by the end of the day however;
unless for some reason this wasn't embargoed properly and Red Hat has not
yet had time for Q.A.
--Jeremy
On Tue, 16 Sep 2003, Christopher L Merrill wrote:
> I usually use rpmfind.net to locate new RPMs for RedHat...but
> it doesn't list anything for SSH 3.7...what other sites should
> be on my list of places to look?
>
> TIA,
> Chris
>
> p.s. I greatly appreciate posting of security alerts on the TriLUG
> list. I know I should be subscribed to some security lists, but
> TriLUG seems to be one of the few lists I can find the time/energy
> to follow.
>
> Brian Daniels wrote:
> > Incase you aren't reading /. and patching right now.
> >
> > Apparent remote hole in OpenSSH <3.7. Details at:
> > http://www.openssh.org/txt/buffer.adv
>
>
>
>
--
/---------------------------------------------------------------------\
| Jeremy Portzer jeremyp at pobox.com trilug.org/~jeremy |
| GPG Fingerprint: 712D 77C7 AB2D 2130 989F E135 6F9F F7BC CC1A 7B92 |
\---------------------------------------------------------------------/
More information about the TriLUG
mailing list