updating system version of OpenSSH
Phil Schulz
ph.schulz at gmx.de
Fri Feb 25 20:06:53 GMT 2005
On 02/25/05 20:55, David Newman wrote:
> What is the procedure for patching/updating system
> version of OpenSSH on an FBSD 5.2.1 box?
>
If you can't afford to upgrade the base OS and you do not want to
install OpenSSH from the ports, then you'll need to specify what
vulnerability you are talking about.
I checked the FreeBSD security advisories which *could* apply to your
problem and it seems that FreeBSD-SA-04:05.openssl is the one you might
be talking about. A patch is included with the advisory along with
instructions on how to apply the patch and fix the issue.
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc
Regards,
Phil.
> I used the excellent Rootkit Hunter security
> assessment tool:
>
> http://www.rootkit.nl/projects/rootkit_hunter.html
>
> and it found that I'm running OpenSSH 3.6.1p1, which
> has at least one vulnerability.
>
> I only know how to install/upgrade from ports. OpenSSH
> is part of the ports collection, but the build I'm
> running was included with the OS.
>
> What's the right way to proceed here?
>
> thanks
>
> /wsbs
>
More information about the freebsd-questions
mailing list