Date: Thu, 04 Jul 2002 12:18:04 -0500 From: Christopher Schulte <schulte+freebsd@nospam.schulte.org> To: hawkeyd@visi.com, stable at FreeBSD <freebsd-stable@freebsd.org> Subject: Re: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1 Message-ID: <5.1.1.6.2.20020704120834.0412d678@pop3s.schulte.org> In-Reply-To: <20020704115910.A89342@sheol.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:59 AM 7/4/2002 -0500, D J Hawkey Jr wrote: >Once the dust has settled, will the recent changes in 4.6-STABLE be MFC'd >to 4.6-RELEASE: > > - OpenSSH 3.4p1 I don't think so. http://docs.freebsd.org/cgi/getmsg.cgi?fetch=155733+0+current/freebsd-security : >At this time, OpenSSH 3.4 will not be merged into the security >branches. They are currently not vulnerable, and major upgrades are >outside the scope of the security branches, particularly when such >upgrades are practically guaranteed to break existing installations. > >Of course, OpenSSH 3.4 is always available via the Ports Collection, >and I would, in fact, recommend that users take advantage of it and >turn on PrivilegeSeperation if at all possible. > >Cheers, >-- >Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/ >NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos >jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se His advice of port installation is a good solution if you want to use privsep on a RELEASE build. >Thanks, >Dave > >-- > ______________________ ______________________ > \__________________ \ D. J. HAWKEY JR. / __________________/ > \________________/\ hawkeyd@visi.com /\________________/ > http://www.visi.com/~hawkeyd/ -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.2.20020704120834.0412d678>