From owner-freebsd-stable  Thu Jul  4 10:56:14 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 24CD737B401
	for <freebsd-stable@freebsd.org>; Thu,  4 Jul 2002 10:56:10 -0700 (PDT)
Received: from bodb.mc.mpls.visi.com (bodb.mc.mpls.visi.com [208.42.156.104])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7C24743E42
	for <freebsd-stable@freebsd.org>; Thu,  4 Jul 2002 10:56:09 -0700 (PDT)
	(envelope-from hawkeyd@visi.com)
Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193])
	by bodb.mc.mpls.visi.com (Postfix) with ESMTP
	id C871B4CCE; Thu,  4 Jul 2002 12:56:08 -0500 (CDT)
Received: (from hawkeyd@localhost)
	by sheol.localdomain (8.11.6/8.11.6) id g64Hu8J89602;
	Thu, 4 Jul 2002 12:56:08 -0500 (CDT)
	(envelope-from hawkeyd)
Date: Thu, 4 Jul 2002 12:56:08 -0500
From: D J Hawkey Jr <hawkeyd@visi.com>
To: Thomas Quinot <thomas@cuivre.fr.eu.org>
Cc: stable at FreeBSD <freebsd-stable@freebsd.org>
Subject: Re: HEADS UP: FreeBSD-STABLE now has OpenSSH 3.4p1
Message-ID: <20020704125608.A89587@sheol.localdomain>
Reply-To: hawkeyd@visi.com
References: <20020704115910.A89342@sheol.localdomain> <5.1.1.6.2.20020704120834.0412d678@pop3s.schulte.org> <20020704123016.A89510@sheol.localdomain> <20020704194927.A71508@melusine.cuivre.fr.eu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <20020704194927.A71508@melusine.cuivre.fr.eu.org>; from thomas@cuivre.fr.eu.org on Thu, Jul 04, 2002 at 07:49:27PM +0200
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

On Jul 04, at 07:49 PM, Thomas Quinot wrote:
> 
> Le 2002-07-04, D J Hawkey Jr écrivait :
> 
> > But, but... But 4.6-RELEASE is vulnerable, as I understand it
> 
> No, this is incorrect. The version of OpenSSH in 4.6-REL is 2.9,
> which is not affected by the ChallengeResponseAuthentication
> vulnerability.

Ah. All righty, then. Thanks for the clarification.

But what about the ATAPI fixes, and maybe even the builtin 'test' fix
(once it's been MFC'd into -STABLE, of course).

> Thomas.

One down, one to go!
Dave

-- 
  ______________________                         ______________________
  \__________________   \    D. J. HAWKEY JR.   /   __________________/
     \________________/\     hawkeyd@visi.com    /\________________/
                      http://www.visi.com/~hawkeyd/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message