Date: Tue, 19 Nov 2013 07:44:40 -0800 From: Paul Hoffman <phoffman@proper.com> To: FreeBSD-security@FreeBSD.org Subject: Question about "FreeBSD Security Advisory FreeBSD-SA-13:14.openssh" Message-ID: <CA731E13-89EC-4DF1-9D81-FDE6C9C0918F@proper.com> References: <20131119102130.90E5C1A3B@nine.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Greetings again. Why does this announcement only apply to:=20 > Affects: FreeBSD 10.0-BETA That might be the only version where aes128-gcm and aes256-gcm are in = the defaults, but other versions of FreeBSD allow you to specify cipher = lists in /etc/ssh/sshd_config. I would think that you would need to = update all systems running OpenSSH 6.2 and 6.3, according to the CVE. = FWIW, when I did a freebsd-update on my 9.2-RELEASE system, sshd (6.2) = was not updated. --Paul Hoffman=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA731E13-89EC-4DF1-9D81-FDE6C9C0918F>