From owner-freebsd-questions@FreeBSD.ORG Thu Jun 3 11:01:46 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 017AD16A4CE for ; Thu, 3 Jun 2004 11:01:46 -0700 (PDT) Received: from shadow.wixb.com (shadow.wixb.com [65.43.82.173]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7591D43D5A for ; Thu, 3 Jun 2004 11:01:45 -0700 (PDT) (envelope-from jbronson@wixb.com) Received: from dakota.wixb.com (shadow.wixb.com [10.43.82.173]) i53I1iI2002828 for ; Thu, 3 Jun 2004 13:01:44 -0500 (CDT) Organization: Aurora Health Care, Milwaukee WI USA Message-Id: <6.1.1.1.2.20040603130112.00a8c0c8@localhost> Date: Thu, 03 Jun 2004 13:01:45 -0500 To: freebsd-questions@FreeBSD.org From: "J.D. Bronson" In-Reply-To: <44fz9cy18x.fsf@be-well.ilk.org> References: <20040603145510.6FCF843D49@mx1.FreeBSD.org> <44fz9cy18x.fsf@be-well.ilk.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Scanned-By: MIMEDefang 2.43 Subject: Re: openssh/ssl update probleme X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jun 2004 18:01:46 -0000 At 12:55 PM 06/03/2004, Lowell Gilbert wrote: >"Thomas May" writes: > > > i have installed freebsd 5.2.1 from the iso image. Openssh 3.6.1p1 and > > openssl 0.97c has been installed. > >Right. > > > Because they have holes I want to install the newest ones. > >All of the known holes were patched at the time of release. There are >FreeBSD-specific additions to the version banner in order to >differentiate it from the original OpenSSH releases in which the >security issues existed. To the best of my knowledge, no new security >issues have come up in either openssh or openssl since FreeBSD 5.2.1 >was released. What about this: FreeBSD-SA-04:05.openssl Didnt it come out AFTER the 5.2.1 release?? Jeff >In other words, you probably do *not* have any security holes in >either one. > > > If I install the openssl port or the openssh port, the update doesn't work. > >That isn't specific enough for me to help you with. > > > I also try the openssh-portable port with the new version, but it also > shows > > me the old version. > >It sounds as though /usr/bin comes before /usr/local/bin on your path, >so if you just type "ssh" you will get the old version. Try >"/usr/local/bin/ssh -V" and you will probably see the version number >for the ssh installed from ports. > >Since you apparently aren't acquainted with the idea of a search path, >you probably should start by getting up to speed on Unix before trying >to deal with security topics; you are likely to make things worse >rather than better. An excellent starting place is >http://www.freebsd.org/projects/newbies.html#fbsd >particularly the "For People New to Both FreeBSD and Unix" tutorial. > >Good luck. >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"