Date: Thu, 20 Jan 2011 12:56:08 -0800 (PST) From: Kevin Oberman <oberman@es.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/154175: Newer version of OpenSSH-portable needed Message-ID: <20110120205608.3FE0C1CC0C@ptavv.es.net> Resent-Message-ID: <201101202100.p0KL0I8Y014420@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 154175 >Category: ports >Synopsis: Newer version of OpenSSH-portable needed >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jan 20 21:00:17 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Kevin Oberman >Release: FreeBSD 8.2-PRERELEASE i386 >Organization: ESnet - The Energy Sciences Network >Environment: System: FreeBSD ptavv.es.net 8.2-PRERELEASE FreeBSD 8.2-PRERELEASE #1: Fri Dec 3 09:14:10 PST 2010 root@ptavv.es.net:/usr/obj/usr/src/sys/PTAVV8 i386 >Description: OpenSC 0.12 has been added to the ports tree replacing 0.11.13. This version depends on the support for PKCS in OpenSSH, but FreeBSD still at the two year old 5.2.p1. PKCS11 support was added in version 5.4 and the curent version is 5.6. Until a new version of OpenSSH is available, we are stuck at 0.11.13 which has a known security vulnerability. (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4523) >How-To-Repeat: N/A >Fix: Port OpenSSH-5.4 or newer to FreeBSD >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110120205608.3FE0C1CC0C>