ports/154175: Newer version of OpenSSH-portable needed
Kevin Oberman
oberman at es.net
Thu Jan 20 21:00:18 UTC 2011
>Number: 154175
>Category: ports
>Synopsis: Newer version of OpenSSH-portable needed
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jan 20 21:00:17 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Kevin Oberman
>Release: FreeBSD 8.2-PRERELEASE i386
>Organization:
ESnet - The Energy Sciences Network
>Environment:
System: FreeBSD ptavv.es.net 8.2-PRERELEASE FreeBSD 8.2-PRERELEASE #1: Fri Dec 3 09:14:10 PST 2010 root at ptavv.es.net:/usr/obj/usr/src/sys/PTAVV8 i386
>Description:
OpenSC 0.12 has been added to the ports tree replacing
0.11.13. This version depends on the support for PKCS in OpenSSH, but
FreeBSD still at the two year old 5.2.p1. PKCS11 support was added in
version 5.4 and the curent version is 5.6.
Until a new version of OpenSSH is available, we are stuck at 0.11.13
which has a known security
vulnerability.
(http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4523)
>How-To-Repeat:
N/A
>Fix:
Port OpenSSH-5.4 or newer to FreeBSD
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list