Date: Sat, 16 Dec 2006 20:55:25 -0800 From: Christopher Cowart <ccowart@rescomp.berkeley.edu> To: freebsd-questions@freebsd.org Subject: Re: openssh security issues Message-ID: <20061217045525.GF15871@rescomp.berkeley.edu> In-Reply-To: <20061217034739.GF16906@tigger.digitaltorque.ca> References: <20061217034739.GF16906@tigger.digitaltorque.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
--B8ONY/mu/bqBak9m Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 16, 2006 at 10:47:39PM -0500, Michael P. Soulier wrote: > So, portaudit keeps complaining about openssh, but when I try to upgrade.= =2E. >=20 > [msoulier@kanga ~]$ sudo portupgrade -R openssh > [Updating the pkgdb <format:bdb1_btree> in /var/db/pkg ... - 207 packages > found (-1 +1) (...). done] > ---> Upgrading 'openssh-3.6.1_5' to 'openssh-3.6.1_6' (security/openssh) > ---> Building '/usr/ports/security/openssh' > =3D=3D=3D> Cleaning for openssh-3.6.1_6 > =3D=3D=3D> openssh-3.6.1_6 has known vulnerabilities: > =3D> openssh -- multiple vulnerabilities. > Reference: > <http://www.FreeBSD.org/ports/portaudit/32db37a5-50c3-11db-acf3-000c6ec77= 5d9.html> This says it only affects SSH Protocol version 1. If you only use version 2 or you're not too concerned, you could do:=20 $ sudo portupgrade -m DISABLE_VULNERABILITIES=3Dyes -R openssh > =3D> Please update your ports tree and try again. > *** Error code 1 >=20 > Stop in /usr/ports/security/openssh. > ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade.206= 85.0 > env UPGRADE_TOOL=3Dportupgrade UPGRADE_PORT=3Dopenssh-3.6.1_5 > UPGRADE_PORT_VER=3D3.6.1_5 make > ** Fix the problem and try again. > ** Listing the failed packages (*:skipped / !:failed) > ! security/openssh (openssh-3.6.1_5) (unknown build error) > ---> Packages processed: 0 done, 0 ignored, 0 skipped and 1 failed >=20 > So, before bothering the port maintainer, is there a standard place to lo= ok > for a status update on this kind of thing? >=20 > Thanks, > Mike > --=20 > Michael P. Soulier <msoulier@digitaltorque.ca> > "Any intelligent fool can make things bigger and more complex... It > takes a touch of genius - and a lot of courage to move in the opposite > direction." --Albert Einstein --=20 Chris Cowart Network and Infrastructure Systems Administrator RSSP-IT, UC Berkeley "May all your pushes be popped" --B8ONY/mu/bqBak9m Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFFhM29V3SOqjnqPh0RAp9VAKCv28lVFoEWvtaFjEkP8yv7cebWiwCeMFl0 s+voFFBHwk2c+Qj1LWbD3k4= =PdO7 -----END PGP SIGNATURE----- --B8ONY/mu/bqBak9m--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061217045525.GF15871>