From owner-freebsd-security Wed Dec 20 12: 2:16 2000 From owner-freebsd-security@FreeBSD.ORG Wed Dec 20 12:02:13 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from sj-msg-core-2.cisco.com (sj-msg-core-2.cisco.com [171.69.43.88]) by hub.freebsd.org (Postfix) with ESMTP id 85F4537B400 for ; Wed, 20 Dec 2000 12:02:12 -0800 (PST) Received: from bmah-freebsd-0.cisco.com (bmah-freebsd-0.cisco.com [171.70.84.42]) by sj-msg-core-2.cisco.com (8.9.3/8.9.1) with ESMTP id MAA08225; Wed, 20 Dec 2000 12:02:11 -0800 (PST) Received: (from bmah@localhost) by bmah-freebsd-0.cisco.com (8.11.1/8.11.1) id eBKK24j26307; Wed, 20 Dec 2000 12:02:04 -0800 (PST) (envelope-from bmah) Message-Id: <200012202002.eBKK24j26307@bmah-freebsd-0.cisco.com> X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 To: Chris Faulhaber Cc: Slawek Zak , freebsd-security@FreeBSD.ORG Subject: Re: SSH update In-Reply-To: <20001220143328.A9618@peitho.fxp.org> References: <87k88u99nz.fsf@pf39.warszawa.sdi.tpnet.pl> <20001220143328.A9618@peitho.fxp.org> Comments: In-reply-to Chris Faulhaber message dated "Wed, 20 Dec 2000 14:33:28 -0500." From: "Bruce A. Mah" Reply-To: bmah@FreeBSD.ORG X-Face: g~c`.{#4q0"(V*b#g[i~rXgm*w;:nMfz%_RZLma)UgGN&=j`5vXoU^@n5v4:OO)c["!w)nD/!!~e4Sj7LiT'6*wZ83454H""lb{CC%T37O!!'S$S&D}sem7I[A 2V%N&+ X-Image-Url: http://www.employees.org/~bmah/Images/bmah-cisco-small.gif X-Url: http://www.employees.org/~bmah/ Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_1134604096P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Wed, 20 Dec 2000 12:02:04 -0800 Sender: bmah@cisco.com Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --==_Exmh_1134604096P Content-Type: text/plain; charset=us-ascii If memory serves me right, Chris Faulhaber wrote: > On Wed, Dec 20, 2000 at 08:26:08PM +0100, Slawek Zak wrote: > > Has SSH in 4.2-RELEASE been updated to prevent the latest attack > > (unauthorized agent and X11 connection forwarding)? > > > > Yes, OpenSSH was patched on 2000-11-14 (before FreeBSD 4.2 was released). > See http://www.FreeBSD.org/cgi/cvsweb.cgi/src/crypto/openssh/clientloop.c > for more details. ...a fact which should have been in the release notes file for 4.2-RELEASE, but for some reason wasn't (the MFC is noted in the release notes for -CURRENT, however). Oopsie. :-( Bruce. --==_Exmh_1134604096P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: Exmh version 2.2 06/23/2000 iD8DBQE6QRA82MoxcVugUsMRAvyfAJ4kD68mlzgJy7X6zfkKGZfddG0x7QCg7cuM Dtgz31tOG0/VvoGRW7c73Bo= =h3XK -----END PGP SIGNATURE----- --==_Exmh_1134604096P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message