Date: Wed, 26 Jun 2002 17:43:28 -0400 From: Travis Cole <kelp@plek.org> To: freebsd-security@freebsd.org Cc: Theo de Raadt <deraadt@cvs.openbsd.org> Subject: Re: Wow Message-ID: <20020626214328.GD53981@ainaz.pair.com> In-Reply-To: <200206261854.g5QIsNLI015235@cvs.openbsd.org> References: <20020626185126.GB35484@ainaz.pair.com> <200206261854.g5QIsNLI015235@cvs.openbsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 26, 2002 at 12:54:23PM -0600, Theo de Raadt wrote: > > We also did 5600 lines of further security auditing work over the last > week. We're fairly convinced that some of the things we changed are > relevant as well. ie. more holes. > > And that is commited in 3.4 Like I said in a few other emails. I've thought about this some more and I think Theo is right here. The upgrade to 3.4 is worth it. Lots of people are running some pretty crufty versions of OpenSSH. Many issues were fixed in 3.4. > By all means. Please continue running what you have. Don't upgrade > to 3.4. And please turn privsep off. Nope. I plan to upgrade. I've got 300 boxes that will be seeing 3.4 soon. -- -tcole To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020626214328.GD53981>