From owner-freebsd-questions@FreeBSD.ORG Sun Feb 27 01:35:53 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E79B816A4CE for ; Sun, 27 Feb 2005 01:35:52 +0000 (GMT) Received: from web41607.mail.yahoo.com (web41607.mail.yahoo.com [66.218.93.107]) by mx1.FreeBSD.org (Postfix) with SMTP id AD38E43D58 for ; Sun, 27 Feb 2005 01:35:52 +0000 (GMT) (envelope-from wo_shi_big_stomach@yahoo.com) Received: (qmail 66032 invoked by uid 60001); 27 Feb 2005 01:35:52 -0000 Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; b=Jieq2ATggtLkz5tzXeK4x/AhUikCC1Fdm2/WUwDgSktpIEvYiSiCtd0CaXSeOVXPG85ojnDZiMmFbrDX6gMoZ2yL1vKDn9fepiRWU6aBGMDsaptNdBzMP3+wRW6FlfdK7dP+u+JOdwhR1HaLILd7X0eAlNaDs0PCYeBMYPwiWuQ= ; Message-ID: <20050227013552.66030.qmail@web41607.mail.yahoo.com> Received: from [70.32.193.45] by web41607.mail.yahoo.com via HTTP; Sat, 26 Feb 2005 17:35:52 PST Date: Sat, 26 Feb 2005 17:35:52 -0800 (PST) From: wo_shi_big_stomach To: freebsd-questions@freebsd.org In-Reply-To: <421F874A.4030307@grokking.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: updating system version of OpenSSH X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Feb 2005 01:35:53 -0000 Phil Schulz wrote: > If you can't afford to upgrade the base OS and you do not want to > install OpenSSH from the ports Sorry, I wasn't clear. I have no problem installing or upgrading OpenSSH from ports. Indeed, that's all I know how to do. My question is how to upgrade OpenSSH as included with 5.2.1. If a ports install will do this, great. The more general question is how to upgrade system software, especially in cases where it's not included in the ports collection. --- "greg@grokking.org" wrote: > Someone please correct me if I'm wrong on this but I > believe rkhunter is > just checking the version 3.6.1 and doesn't account > for the 'p1' part > which refers to a FBSD patch that corrected the > vulnerability rkhunter > is referring to. > > IOW, I don't think you need to update ssh on 5.2.1 > if your motive is > merely that rkhunter flagged it. OK, that's a relief, thanks. Same question holds, though. If some system software is actually vulnerable, what's the procedure to update it? thanks /wsbs __________________________________ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail