Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 25 Oct 2000 08:04:11 -0700 (PDT)
From:      Zvezdelin Vladov <zvezdi_v@yahoo.com>
To:        freebsd-questions@FreeBSD.ORG, green@freebsd.org
Subject:   OpenSSH Upgrade Problems! ( Security related)
Message-ID:  <20001025150411.20437.qmail@web802.mail.yahoo.com>

next in thread | raw e-mail | index | archive | help
Hello!

I have tried few times to 
cvsup the cvs-crypto group of sources
where openssh lies in. 

I am running FreeBSD-4.x-stable,
last update made around 15 october.
Precompiled OK.

Still, just today found out that
I am running the old openssh, with
few SECURITY related BUGS.

I can't update it to the 2.2.x version 
as the web of openssh.com states.

I can't update it through the /usr/ports
subsystem too. There is the old version.

As stated on the
http://www.openbsd.org/errata.html#format_strings
QUOTE:

028: SECURITY FIX: Oct 6, 2000
There are printf-style format string bugs in several
privileged programs. 

Those are updated in the 2.2.x version.


Still, on the cvs by web from freebsd.org looks
like it (the 2.2.x) has been imported 2/3 days
after the OpenBSD folks changed the bugs.

I can't get one thing. Is this fixed for -current
only?

Just found out by the advisory from openbsd, following
the link above, and went to download the "portable"
version to update my openssh.

Cvsup to internat.freebsd.org says:
cvs-crypto: no such collection.

Commenting-out cvs-crypto and pointing by
src-secure
src-....
etc. didn't work. Not even on any other
cvsup server. (have tried both with 4.x-stable
4.x-secure-stable) and most of the uk's cvsup servers.

Comments?
Yours,
Zvezdelin Vladov


__________________________________________________
Do You Yahoo!?
Yahoo! Messenger - Talk while you surf!  It's FREE.
http://im.yahoo.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001025150411.20437.qmail>