Date: Sat, 20 Sep 2003 22:24:02 +0200 From: Oliver Eikemeier <eikemeier@fillmore-labs.com> To: Will Andrews <will@csociety.org> Cc: Dirk Meyer <dinoex@FreeBSD.org> Subject: Re: [Fwd: LSH: Buffer overrun and remote root compromise in lshd] Message-ID: <3F6CB762.4080905@fillmore-labs.com> In-Reply-To: <20030920182035.GM47671@procyon.firepipe.net> References: <3F6C9A0A.8080103@fillmore-labs.com> <20030920182035.GM47671@procyon.firepipe.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Will Andrews wrote: > On Sat, Sep 20, 2003 at 08:18:50PM +0200, Oliver Eikemeier wrote: > >>port security/lsh 1.5.2 has a remote root compromise, >>it seems that even the client part is affected. >>Either someone upgrades it to 1.5.3 or we mark it as >>broken for 4.9. >> >>The announcement is at: >> <http://lists.lysator.liu.se/pipermail/lsh-bugs/2003q3/000127.html>; > > Feel free to upgrade the port, it has portmgr approval. This was just a heads up, Dirk dropped maintainership on 2003/02/23: http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/lsh/Makefile.diff?r1=1.16&r2=1.17 Just mark it as broken. Regards Oliver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F6CB762.4080905>