[TriLUG] Enjoy upgrading all your SSH boxen to 3.7?
Jon Carnes
jonc at nc.rr.com
Wed Sep 17 22:33:40 EDT 2003
On Wed, 2003-09-17 at 21:23, Kevin Sonney wrote:
> Brian Daniels <bitmage at bellsouth.net> writes:
> > All versions of OpenSSH's sshd prior to 3.7.1 contain buffer
> > management errors. It is uncertain whether these errors are
> > potentially exploitable, however, we prefer to see bugs
> > fixed proactively.
>
> As a reminder, Red Hat's RPM packages are back ports of the fix to the
> version of ssh that shipped with Red Hat Linux and Red Hat Enterprise
> Linux (as applicable). Remind your clients/friends of that when they
> complain about Red Hat (and other vendors) not shipping the "current"
> package versions.
>
> Just a little FYI *grin*
Hay, it's "Open Source." Anyone can darn well install any version of
OpenSSH they want. If they need hand holding, they can just wait or
search for it on Freshmeat!
What RH does is above and beyond the call of duty. It's why I buy every
major version once the box comes out - even though I've already
installed it from my burned ISO's weeks ago.
Jon
More information about the TriLUG
mailing list