From owner-freebsd-security  Fri Feb  9  9:51:32 2001
Delivered-To: freebsd-security@freebsd.org
Received: from silby.com (cb34181-c.mdsn1.wi.home.com [24.183.3.139])
	by hub.freebsd.org (Postfix) with ESMTP id 4598637EA87
	for <security@freebsd.org>; Fri,  9 Feb 2001 09:51:14 -0800 (PST)
Received: (qmail 86492 invoked by uid 1000); 9 Feb 2001 17:51:12 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 9 Feb 2001 17:51:12 -0000
Date: Fri, 9 Feb 2001 11:51:12 -0600 (CST)
From: Mike Silbersack <silby@silby.com>
To: Szilveszter Adam <sziszi@petra.hos.u-szeged.hu>
Cc: <security@freebsd.org>
Subject: Re: Is this a problem for us too?
In-Reply-To: <20010209114758.C6167@petra.hos.u-szeged.hu>
Message-ID: <Pine.BSF.4.31.0102091146400.86478-100000@achilles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


On Fri, 9 Feb 2001, Szilveszter Adam wrote:

> -CURRENT and -STABLE have 2.3.0 so they are not vulnerable. 3.x stil
> doesn't have OpenSSH at all AFAIK. The ports have just been marked
> FORBIDDEN for both ssh and openssh. Something else? No, I think we have
> covered all bases:-)
>
> --
> Regards:
>
> Szilveszter ADAM
> Szeged University
> Szeged Hungary

Well, marking the ports forbidden doesn't really _fix_ the bug.  However,
the patch is only one line long, so I imagine the maintainers will have
the two ports fixed in a quick hurry.

Mike "Silby" Silbersack




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message