updating system version of OpenSSH

Phil Schulz ph.schulz at gmx.de
Fri Feb 25 20:06:53 GMT 2005

On 02/25/05 20:55, David Newman wrote:
> What is the procedure for patching/updating system
> version of OpenSSH on an FBSD 5.2.1 box?

If you can't afford to upgrade the base OS and you do not want to 
install OpenSSH from the ports, then you'll need to specify what 
vulnerability you are talking about.

I checked the FreeBSD security advisories which *could* apply to your 
problem and it seems that FreeBSD-SA-04:05.openssl is the one you might 
be talking about. A patch is included with the advisory along with 
instructions on how to apply the patch and fix the issue.




> I used the excellent Rootkit Hunter security
> assessment tool:
> http://www.rootkit.nl/projects/rootkit_hunter.html
> and it found that I'm running OpenSSH 3.6.1p1, which
> has at least one vulnerability.
> I only know how to install/upgrade from ports. OpenSSH
> is part of the ports collection, but the build I'm
> running was included with the OS. 
> What's the right way to proceed here?
> thanks
> /wsbs

More information about the freebsd-questions mailing list