From owner-freebsd-stable Thu Jul 4 10:17:37 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E51437B400 for ; Thu, 4 Jul 2002 10:17:34 -0700 (PDT) Received: from clink.schulte.org (clink.schulte.org [209.134.156.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id B8BF043E31 for ; Thu, 4 Jul 2002 10:17:33 -0700 (PDT) (envelope-from schulte+freebsd@nospam.schulte.org) Received: from localhost (localhost [127.0.0.1]) by clink.schulte.org (Postfix) with ESMTP id 6D5E72446A; Thu, 4 Jul 2002 12:17:32 -0500 (CDT) Received: from tandist.nospam.schulte.org (void.schulte.org [209.134.156.217]) by clink.schulte.org (Postfix) with ESMTP id 8508A24469; Thu, 4 Jul 2002 12:17:30 -0500 (CDT) Message-Id: <5.1.1.6.2.20020704120834.0412d678@pop3s.schulte.org> X-Sender: X-Mailer: QUALCOMM Windows Eudora Version 5.1.1 Date: Thu, 04 Jul 2002 12:18:04 -0500 To: hawkeyd@visi.com, stable at FreeBSD From: Christopher Schulte Subject: Re: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1 In-Reply-To: <20020704115910.A89342@sheol.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by AMaViS 0.3.12pre6 on clink.schulte.org Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 11:59 AM 7/4/2002 -0500, D J Hawkey Jr wrote: >Once the dust has settled, will the recent changes in 4.6-STABLE be MFC'd >to 4.6-RELEASE: > > - OpenSSH 3.4p1 I don't think so. http://docs.freebsd.org/cgi/getmsg.cgi?fetch=155733+0+current/freebsd-security : >At this time, OpenSSH 3.4 will not be merged into the security >branches. They are currently not vulnerable, and major upgrades are >outside the scope of the security branches, particularly when such >upgrades are practically guaranteed to break existing installations. > >Of course, OpenSSH 3.4 is always available via the Ports Collection, >and I would, in fact, recommend that users take advantage of it and >turn on PrivilegeSeperation if at all possible. > >Cheers, >-- >Jacques A. Vidrine http://www.nectar.cc/ >NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos >jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se His advice of port installation is a good solution if you want to use privsep on a RELEASE build. >Thanks, >Dave > >-- > ______________________ ______________________ > \__________________ \ D. J. HAWKEY JR. / __________________/ > \________________/\ hawkeyd@visi.com /\________________/ > http://www.visi.com/~hawkeyd/ -- Christopher Schulte http://www.schulte.org/ Do not un-munge my @nospam.schulte.org email address. This address is valid. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message