From owner-freebsd-security  Thu Aug  1 18: 7:36 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1434A37B400
	for <freebsd-security@freebsd.org>; Thu,  1 Aug 2002 18:07:34 -0700 (PDT)
Received: from jive.SoftHome.net (jive.SoftHome.net [66.54.152.27])
	by mx1.FreeBSD.org (Postfix) with SMTP id 6567143E4A
	for <freebsd-security@freebsd.org>; Thu,  1 Aug 2002 18:07:33 -0700 (PDT)
	(envelope-from yid@softhome.net)
Received: (qmail 28943 invoked by uid 417); 2 Aug 2002 01:07:28 -0000
Received: from shunt-smtp-out-0 (HELO softhome.net) (172.16.3.12)
  by shunt-smtp-out-0 with SMTP; 2 Aug 2002 01:07:28 -0000
Received: from unknown ([216.194.6.221])
  (AUTH: LOGIN yid@softhome.net)
  by softhome.net with esmtp; Thu, 01 Aug 2002 19:07:25 -0600
Date: Thu, 1 Aug 2002 21:05:56 -0400
From: Joshua Lee <yid@softhome.net>
To: "DiCioccio, Jason" <jdicioccio@epylon.com>
Cc: bond@comitnet.se, freebsd-security@FreeBSD.ORG
Subject: Re: Trojan located in latest openssh tar files
Message-Id: <20020801210556.04b0fee1.yid@softhome.net>
In-Reply-To: <657B20E93E93D4118F9700D0B73CE3EA02FFF649@goofy.epylon.lan>
References: <657B20E93E93D4118F9700D0B73CE3EA02FFF649@goofy.epylon.lan>
Organization: Plan B Software Labs
X-Mailer: Sylpheed version 0.8.0claws (GTK+ 1.2.10; i386-portbld-freebsd4.6)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Thu, 1 Aug 2002 16:58:14 -0700 
"DiCioccio, Jason" <jdicioccio@epylon.com> wrote:

> Neither -- unless you tell it to ignore the checksum on the port.  As
> far as the source tree, OpenSSH 3.4 was imported a while back, so I
> don't think the same problem would exist as the trojan seemed to
> originate yesterday.

Yes, and to come to think of it since it requires the cooperation of a makefile, unless the source tree uses the makefile of the original package there's no hole for the source tree's openssh.

Thanks for the help.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message