From owner-freebsd-security Tue Jul 16 14:43:58 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 172C937B400 for ; Tue, 16 Jul 2002 14:43:56 -0700 (PDT) Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9D75D43E42 for ; Tue, 16 Jul 2002 14:43:55 -0700 (PDT) (envelope-from des@ofug.org) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 16E13534A; Tue, 16 Jul 2002 23:43:53 +0200 (CEST) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Thomas T. Veldhouse" Cc: "Erik Trulsson" , Subject: Re: OpenSSH References: <5.1.0.14.2.20020715145432.00a54790@mail.interfold.com> <20020715210345.GA44837@falcon.midgard.homeip.net> <001201c22cd7$e0d28900$3028680a@tgt.com> From: Dag-Erling Smorgrav Date: 16 Jul 2002 23:43:52 +0200 In-Reply-To: <001201c22cd7$e0d28900$3028680a@tgt.com> Message-ID: Lines: 12 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.2 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "Thomas T. Veldhouse" writes: > It is this "OpenSSH_2.9 FreeBSD localisations 20020307, SSH protocols > 1.5/2.0, OpenSSL 0x0090601f" in FreeBSD 4.6-RELEASE-p2. Seems to me that > should be updated as well considering the current hole in S-Key > authentication. The version of OpenSSH that shipped with 4.6-RELEASE is not vulnerable to that hole. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message