From owner-freebsd-security Fri Feb 9 10:41:56 2001 Delivered-To: freebsd-security@freebsd.org Received: from earth.backplane.com (earth-nat-cw.backplane.com [208.161.114.67]) by hub.freebsd.org (Postfix) with ESMTP id 62C4A37B401 for ; Fri, 9 Feb 2001 10:41:35 -0800 (PST) Received: (from dillon@localhost) by earth.backplane.com (8.11.1/8.9.3) id f19IfNQ84385; Fri, 9 Feb 2001 10:41:23 -0800 (PST) (envelope-from dillon) Date: Fri, 9 Feb 2001 10:41:23 -0800 (PST) From: Matt Dillon Message-Id: <200102091841.f19IfNQ84385@earth.backplane.com> To: "Mason Harding" Cc: Subject: How to rebuild ssh w/ latest sources (was Re: SSH Vulnerability) References: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org :I am guessing this OpenSSH vulnerability applies to FreeBSD...does anyone :know? :Also thought others might like to know about it. :http://razor.bindview.com/publish/advisories/adv_ssh1crc.html : :Mason Yes. If your sources are reasonably up to date (since Jan 23), just rebuild it: cd /usr/src/secure/lib/libssh make clean obj all cd /usr/src/secure/usr.sbin/sshd make clean obj all install cd /usr/src/secure/usr.bin/ssh make clean obj all install (kill your old sshd daemon, start a new one) Verify you are running the new version of the daemon: % ssh -v localhost earth:/home/dillon> ssh -v localhost SSH Version OpenSSH_2.3.0, protocol versions 1.5/2.0. Compiled with SSL (0x0090600f). debug: Reading configuration data /etc/ssh/ssh_config debug: ssh_connect: getuid 101 geteuid 101 anon 1 debug: Connecting to localhost [127.0.0.1] port 22. debug: Connection established. debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ debug: match: OpenSSH_2.3.0 pat ^OpenSSH[-_]2\.3 debug: Local version string SSH-1.5-OpenSSH_2.3.0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message