openssh security issues
Christopher Cowart
ccowart at rescomp.berkeley.edu
Sat Dec 16 20:55:26 PST 2006
On Sat, Dec 16, 2006 at 10:47:39PM -0500, Michael P. Soulier wrote:
> So, portaudit keeps complaining about openssh, but when I try to upgrade...
>
> [msoulier at kanga ~]$ sudo portupgrade -R openssh
> [Updating the pkgdb <format:bdb1_btree> in /var/db/pkg ... - 207 packages
> found (-1 +1) (...). done]
> ---> Upgrading 'openssh-3.6.1_5' to 'openssh-3.6.1_6' (security/openssh)
> ---> Building '/usr/ports/security/openssh'
> ===> Cleaning for openssh-3.6.1_6
> ===> openssh-3.6.1_6 has known vulnerabilities:
> => openssh -- multiple vulnerabilities.
> Reference:
> <http://www.FreeBSD.org/ports/portaudit/32db37a5-50c3-11db-acf3-000c6ec775d9.html>
This says it only affects SSH Protocol version 1. If you only use
version 2 or you're not too concerned, you could do:
$ sudo portupgrade -m DISABLE_VULNERABILITIES=yes -R openssh
> => Please update your ports tree and try again.
> *** Error code 1
>
> Stop in /usr/ports/security/openssh.
> ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade.20685.0
> env UPGRADE_TOOL=portupgrade UPGRADE_PORT=openssh-3.6.1_5
> UPGRADE_PORT_VER=3.6.1_5 make
> ** Fix the problem and try again.
> ** Listing the failed packages (*:skipped / !:failed)
> ! security/openssh (openssh-3.6.1_5) (unknown build error)
> ---> Packages processed: 0 done, 0 ignored, 0 skipped and 1 failed
>
> So, before bothering the port maintainer, is there a standard place to look
> for a status update on this kind of thing?
>
> Thanks,
> Mike
> --
> Michael P. Soulier <msoulier at digitaltorque.ca>
> "Any intelligent fool can make things bigger and more complex... It
> takes a touch of genius - and a lot of courage to move in the opposite
> direction." --Albert Einstein
--
Chris Cowart
Network and Infrastructure Systems Administrator
RSSP-IT, UC Berkeley
"May all your pushes be popped"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20061217/0f99eb03/attachment.pgp
More information about the freebsd-questions
mailing list