Date: Thu, 16 Oct 2003 23:36:41 GMT From: Charlie & <root@hal.ee.lbl.gov> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/58153: 4.9 default with vulnerable openssh 3.5 Message-ID: <200310162336.h9GNafBv000304@hal.ee.lbl.gov> Resent-Message-ID: <200310162340.h9GNeGq8027786@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 58153 >Category: bin >Synopsis: 4.9 default with vulnerable openssh 3.5 >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Oct 16 16:40:16 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Charlie & >Release: FreeBSD 4.9-RC2 i386 >Organization: >Environment: System: FreeBSD testing4.9.lbl.gov 4.9-RC2 FreeBSD 4.9-RC2 #0: Wed Oct 8 07:44:57 GMT 2003 root@freebsd-stable.sentex.ca:/usr/obj/usr/src/sys/GENERIC i386 FreeBSD 4.9 only >Description: 4.9 (current RC2) is still distributing openssh 3.5p1 which is a vulnerable version of openssh. For 4.9-RELEASE, this needs to be changed to openssh-3.7p2 >How-To-Repeat: >Fix: build openssh-3.7p2 for formal 4.9-RELEASE >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200310162336.h9GNafBv000304>