Date: Mon, 24 Jun 2002 20:06:27 -0600 (MDT) From: Brett Glass <brett@lariat.org> To: dinoex@freebsd.org, nectar@freebsd.org, piechota@argolis.org Cc: freebsd-security@freebsd.org Subject: Re: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd) Message-ID: <200206250206.UAA11075@lariat.org> In-Reply-To: <20020624224841.GC42982@madman.nectar.cc>
next in thread | previous in thread | raw e-mail | index | archive | help
Theo has made it quite clear both in his announcement and in private mail: Anyone who wants to be safe MUST get a version of OpenSSH with "privilege separation" running before next week. The latest version in the Ports tree appears to be 3.3p1, while the packages are older. Theo recommends 3.3.1p, so we should make sure that this version is available both as a port and as a binary package by week's end. I doubt that this will be hard to do, since FreeBSD is very close to OpenBSD and NetBSD API-wise. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200206250206.UAA11075>