From owner-freebsd-security Sun Mar 31 6:10:38 2002 Delivered-To: freebsd-security@freebsd.org Received: from boleskine.patpro.net (boleskine.patpro.net [62.4.20.155]) by hub.freebsd.org (Postfix) with ESMTP id 80CE837B417 for ; Sun, 31 Mar 2002 06:10:31 -0800 (PST) Received: from [192.168.0.1] (cassandre [192.168.0.1]) by boleskine.patpro.net (8.11.3/8.11.3) with ESMTP id g2VEAUH80980 for ; Sun, 31 Mar 2002 16:10:31 +0200 (CEST) (envelope-from patpro@patpro.net) User-Agent: Microsoft Outlook Express Macintosh Edition - 5.01 (1630) Date: Sun, 31 Mar 2002 16:10:29 +0200 Subject: Re: Why update the world because of OpenSSH? From: patpro To: Message-ID: In-Reply-To: <4487.213.112.58.135.1017583220.squirrel@phucking.kicks-ass.org> Mime-version: 1.0 Content-type: text/plain; charset="ISO-8859-1" Content-transfer-encoding: quoted-printable Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org le 31/03/02 16:00, Jesper Wallin =E0 z3l3zt@phucking.kicks-ass.org a =E9crit=A0: > Once again I make me look like a fool.. >=20 > I'm quite new to both mailinglists and FreeBSD so I'm not sure IF i shoul= d > post this or where I should post if.. sorry for pissing you off.. >=20 > Well, for some month ago I saw the warnings about the root exploit for > OpenSSH here. What I never understood what, why should I update my world > because of an OpenSSH exploit? Isn't it enought to just cvsup the ports a= nd > re-install OpenSSH from the ports? it appears to me that you just have to remove the openssh that comes with the base system and to install the openssh-portable port (and tune rc.conf accordingly). patpro --=20 "Rien ne se perd, rien ne se cr=E9e, tout s'empile" - Mon Bureau - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message