[Fwd: LSH: Buffer overrun and remote root compromise in lshd]
Oliver Eikemeier
eikemeier at fillmore-labs.com
Sat Sep 20 13:24:07 PDT 2003
Will Andrews wrote:
> On Sat, Sep 20, 2003 at 08:18:50PM +0200, Oliver Eikemeier wrote:
>
>>port security/lsh 1.5.2 has a remote root compromise,
>>it seems that even the client part is affected.
>>Either someone upgrades it to 1.5.3 or we mark it as
>>broken for 4.9.
>>
>>The announcement is at:
>> <http://lists.lysator.liu.se/pipermail/lsh-bugs/2003q3/000127.html>
>
> Feel free to upgrade the port, it has portmgr approval.
This was just a heads up, Dirk dropped maintainership on 2003/02/23:
http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/lsh/Makefile.diff?r1=1.16&r2=1.17
Just mark it as broken.
Regards
Oliver
More information about the freebsd-ports
mailing list