From owner-freebsd-security Mon Nov 15 16: 6:23 1999 Delivered-To: freebsd-security@freebsd.org Received: from foobar.franken.de (foobar.franken.de [194.94.249.81]) by hub.freebsd.org (Postfix) with ESMTP id 735FC14F09; Mon, 15 Nov 1999 16:06:14 -0800 (PST) (envelope-from logix@foobar.franken.de) Received: (from logix@localhost) by foobar.franken.de (8.8.8/8.8.5) id BAA07277; Tue, 16 Nov 1999 01:06:14 +0100 (CET) Message-ID: <19991116010614.C6673@foobar.franken.de> Date: Tue, 16 Nov 1999 01:06:14 +0100 From: Harold Gutch To: Kris Kennaway , John Hay Cc: Brian Fundakowski Feldman , freebsd-security@FreeBSD.ORG Subject: Re: ssh-1.2.27 remote buffer overflow - work around ?? References: <199911150602.IAA13567@zibbi.mikom.csir.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: ; from Kris Kennaway on Mon, Nov 15, 1999 at 03:16:10PM -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Nov 15, 1999 at 03:16:10PM -0800, Kris Kennaway wrote: > Short of using the real SSH to fetch openSSH (which won't be useful if > you're trying to fetch openssh because you can't legally use SSH in your > situation in the first place) I can't think of another way to get it via > CVS. > > Perhaps we'll have to fall back to tarring up the source on a non-US ftp > server..this is probably a problem for a lot of people :-( I just put OpenSSH on http://www.regensburg.franken.de/~logix/OpenSSH-991116.tgz This simply is a tarball of the ssh-directory I got via "cvs get" from an OpenBSD CVS-mirror. I haven't even checked wether it compiles or wether your patches apply cleanly to it, Kris. Feel free to use it as MASTER_SITE in a port etc. bye, Harold -- Sleep is an abstinence syndrome wich occurs due to lack of caffein. Wed Mar 4 04:53:33 CET 1998 #unix, ircnet To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message