Date: Thu, 07 Mar 2002 15:41:47 -0800 (PST) From: Mark Hartley <mark@work.drapple.com> To: freebsd-security@freebsd.org Subject: RE: FreeBSD Security Advisory FreeBSD-SA-02:13.openssh Message-ID: <XFMail.020307154147.mark@work.drapple.com> In-Reply-To: <200203071459.g27ExoP68069@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> The following patch has been verified to apply to FreeBSD 4.4-RELEASE, > 4.5-RELEASE, and 4.5-STABLE dated prior to the correction date. It > may or may not apply to older, unsupported versions of FreeBSD. > > Download the patch and the detached PGP signature from the following > locations, and verify the signature using your PGP utility. > ># fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:13/openssh.patch ># fetch ># ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:13/openssh.patch.asc > > Execute the following commands as root: > ># cd /usr/src ># patch < /path/to/sshd.patch ># cd /usr/src/secure/lib/libssh ># make depend && make all ># cd /usr/src/secure/usr.sbin/sshd ># make depend && make all install ># cd /usr/src/secure/usr.bin/ssh ># make depend && make all install OK, I followed what the advisory said, and I ran the patch. It seems to have applied fine, but it did not update src/crypto/openssh/version.h, so that it (sshd) still reports itself as the older version. It seems to me that this might cause some confusion for people in knowing if they've patched their systems or not. Mark. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.020307154147.mark>