Date: Fri, 05 Jul 2002 18:24:59 -0500 From: Christopher Schulte <schulte+freebsd@nospam.schulte.org> To: freebsd-reply@akruijff.dds.nl, User 109 <user109@thefront.homelinux.org> Cc: questions@freebsd.org Subject: Re: Upgrade Message-ID: <5.1.1.6.2.20020705182059.038a3b70@pop3s.schulte.org> In-Reply-To: <17749728615.20020706010725@dds.nl> References: <Pine.LNX.4.44.0207051230190.7080-100000@thefront.homelinux.org> <Pine.LNX.4.44.0207051230190.7080-100000@thefront.homelinux.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 01:07 AM 7/6/2002 +0200, Alex wrote: >U1> I want to patch 4.4 production machines for the libc & ssh issue, without > >RELENG_4_4 - security updates and seriously critical fixes for 4.4 >RELENG_4_4_0_RELEASE - original source (not recommended) According to the security advisory, RELENG_4_4 was not fixed in regards to the resolver bug. 4.4 is not a supported release. ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:28.resolv.asc Second, no security advisory was released for the most recent OpenSSH bug(s), as the version shipped was not vulnerable. However, there were other problems with the OpenSSH that was whipped with FreeBSD 4.4-RELEASE. See http://www.freebsd.org/security/index.html for all the security advisories. -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.2.20020705182059.038a3b70>