OpenSSH heads-up
D J Hawkey Jr
hawkeyd at visi.com
Tue Sep 16 08:09:26 PDT 2003
On Sep 16, at 09:55 AM, Jacques A. Vidrine wrote:
>
> Here's the meat of it:
>
> ---- begin excerpt ----
> This is the 1st revision of the Advisory.
>
> This document can be found at: http://www.openssh.com/txt/buffer.adv
>
> 1. Versions affected:
>
> All versions of OpenSSH's sshd prior to 3.7 contain a buffer
> management error. It is uncertain whether this error is
> potentially exploitable, however, we prefer to see bugs
> fixed proactively.
>
> 2. Solution:
>
> Upgrade to OpenSSH 3.7 or apply the following patch.
> ---- end excerpt ----
How far away are we from a FreeBSD SA? When the patch(es) are ready
for all the other supported releases?
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd at visi.com /\________________/
http://www.visi.com/~hawkeyd/
More information about the freebsd-security
mailing list