Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 25 Jun 2002 20:58:40 +0100
From:      Scott Mitchell <scott.mitchell@mail.com>
To:        Christopher Schulte <schulte+freebsd@nospam.schulte.org>
Cc:        Lord Raiden <raiden23@netzero.net>, Marco Radzinschi <marco@radzinschi.com>, FreeBDS-Questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Upcoming OpenSSH vulnerability (fwd)
Message-ID:  <20020625205840.B381@fishballoon.dyndns.org>
In-Reply-To: <5.1.1.6.2.20020625124040.041c50f0@pop3s.schulte.org>; from schulte%2Bfreebsd@nospam.schulte.org on Tue, Jun 25, 2002 at 12:45:33PM -0500
References:  <5.1.1.6.2.20020624224948.02923518@pop3s.schulte.org> <20020624234646.G22328-100000@mail.radzinschi.com> <4.2.0.58.20020625134233.009992b0@pop.netzero.net> <5.1.1.6.2.20020625124040.041c50f0@pop3s.schulte.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, Jun 25, 2002 at 12:45:33PM -0500, Christopher Schulte wrote:
> At 01:43 PM 6/25/2002 -0400, Lord Raiden wrote:
> >         Ok, well we're still running OpenSSH 3.1 from the last security 
> > upgrade recommendation.  Should we go straight to 3.3 or wait for the 
> > final fix?

With previous ssh vulnerabilities I've been able to just patch the base
system, by rebuilding the world or using the patch included with the
advisory.  However, to get to 3.3 it looks like I'd need to install a port.

There are two OpenSSH ports: security/openssh and security/openssh-portable

What's the difference between these two ports?

Which one should I install to deal with this vulnerability?

The right answer to my second question may of course be, "wait for the
announcement on -security"

TIA,

	Scott

-- 
===========================================================================
Scott Mitchell          | PGP Key ID | "Eagles may soar, but weasels
Cambridge, England      | 0x54B171B9 |  don't get sucked into jet engines"
scott.mitchell@mail.com | 0xAA775B8B |      -- Anon

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020625205840.B381>