From owner-freebsd-security Mon Jun 24 19:53:43 2002 Delivered-To: freebsd-security@freebsd.org Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by hub.freebsd.org (Postfix) with SMTP id F09EC37B408 for ; Mon, 24 Jun 2002 19:53:11 -0700 (PDT) Received: (qmail 9389 invoked by uid 0); 25 Jun 2002 02:53:10 -0000 Received: from pd950a5da.dip.t-dialin.net (HELO gmx.net) (217.80.165.218) by mail.gmx.net (mp004-rz3) with SMTP; 25 Jun 2002 02:53:10 -0000 Message-ID: <3D17DAEB.5000106@gmx.net> Date: Tue, 25 Jun 2002 04:52:27 +0200 From: Michael Nottebrock User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.0rc2) Gecko/20020513 Netscape/7.0b1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: peter.lai@uconn.edu Cc: Chris BeHanna , FreeBSD Security , deraadt@cvs.openbsd.org Subject: Re: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd) References: <20020624163538.H10398-100000@yez.hyperreal.org> <20020624212557.R7245-100000@topperwein.dyndns.org> <20020624220229.A92101@cowbert.2y.net> X-Enigmail-Version: 0.61.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigD77E41809FAD12F345453571" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following is an OpenPGP/MIME signed message created by Enigmail/Mozilla, following RFC 2440 and RFC 2015 --------------enigD77E41809FAD12F345453571 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Peter C. Lai wrote: > Is OpenSSH 3.3 now part of the base system? So are we phasing out > ssh as part of the base system (since the answer to the first > question is no, and therefore only the portable versions > have privsep available)? Well, the OpenSSH-Team does not and probably cannot support all those releases floating around in various OSes, Linux-Distributions etc. They do a reasonable job to make sure that people who run a supported release (e.g. the current one) experience as few troubles as possible. It seems like FreeBSD (thanks des!) will now try to provide its users with the 'latest and greatest' openssh-portable in the base system (which is really cool, because that way, openssh-portable will get much more thorough testing on the FreeBSD platform and fixes and experience from that will be getting back to the OpenSSH developers), so maybe we'll be able to be more relaxed about such unfortunate news in the future. Regards, -- Michael Nottebrock "The circumstance ends uglily in the cruel result." - Babelfish --------------enigD77E41809FAD12F345453571 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE9F9rxXhc68WspdLARAn9UAJ9r6vW3X6h0lfK2Dixfw89dC0sQKQCaAr/8 oxaUxj+hMzrNCMrgm9QSUOY= =rfhn -----END PGP SIGNATURE----- --------------enigD77E41809FAD12F345453571-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message