bin/58153: 4.9 default with vulnerable openssh 3.5
Charlie &
root at hal.ee.lbl.gov
Thu Oct 16 16:40:18 PDT 2003
>Number: 58153
>Category: bin
>Synopsis: 4.9 default with vulnerable openssh 3.5
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Oct 16 16:40:16 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Charlie &
>Release: FreeBSD 4.9-RC2 i386
>Organization:
>Environment:
System: FreeBSD testing4.9.lbl.gov 4.9-RC2 FreeBSD 4.9-RC2 #0: Wed Oct 8 07:44:57 GMT 2003 root at freebsd-stable.sentex.ca:/usr/obj/usr/src/sys/GENERIC i386
FreeBSD 4.9 only
>Description:
4.9 (current RC2) is still distributing openssh 3.5p1
which is a vulnerable version of openssh.
For 4.9-RELEASE, this needs to be changed to openssh-3.7p2
>How-To-Repeat:
>Fix:
build openssh-3.7p2 for formal 4.9-RELEASE
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list