Re: lug-bg: OpenSSH vulnerable
- Subject: Re: lug-bg: OpenSSH vulnerable
- From: f4zs08mm34sph8c001@xxxxxxxxxxxxxx (JHS@xxxxxxxxxxxxx)
- Date: Tue, 25 Jun 2002 18:39:57 +0900
On Tue, Jun 25, 2002 at 05:56:43PM +0900, JHS@xxxxxxxxxxxxx f4zs08mm34sph8c001@xxxxxxxxxxxxxx XXXXXXXXXXXXXX wrote:
|Àêî ìîæå äà ñå íàðå÷å "òåñò" - èíñòàëèðàõ ãî íà åäíà ìàøèíà testing è
|ðàáîòè. Ðàáîòè è íà unstable.
|Âúâ âñè÷êè ñëó÷àè, Debian å ìíîãî óñòîé÷èâ êúì ñìÿíà íà ssh äåìîíà
|(ïðàâèë ñúì äîñòà update è äîðè dist-update îò 10000 êì). Èíñòàëèðàé
|íîâàòà âåðñèÿ è áåç äà èçëèçàø îò ñòàðàòà, ïðîáâàé äàëè ìîæåø äà âëåçåø.
|Àêî íå ìîæåø, âðúùàé ïðåäèøíàòà.
|
|Ïî-ñêîðî ìå òðåâîæè êàêâî ùå ñòàíå ñ Debian stable. Äî ñåãà íå å èçëÿçúë
|íèêàêúâ update... :(
Åòî êàêâî ïèøàò â Debian IRC êàíàëà:
"Theo de Raadt has claimed that ssh 3.0 has a serious remote-root
exploit, but refuses to reveal what it is. Theo recommends upgrading to
3.3 which makes this exploit less serious, however 3.3 doesn't work with
2.2 kernels, has problems with PAM on some setups, the compression
doesn't work and someone at FreeBSD claims there is a different
remote-root exploit in it."
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
|