Date: Wed, 26 Jun 2002 13:19:21 -0600 From: Theo de Raadt <deraadt@cvs.openbsd.org> To: Benjamin Krueger <benjamin@seattleFenix.net> Cc: Travis Cole <kelp@plek.org>, freebsd-security@freebsd.org Subject: Re: Wow Message-ID: <200206261919.g5QJJLLI018466@cvs.openbsd.org> In-Reply-To: Your message of "Wed, 26 Jun 2002 12:17:54 PDT." <20020626121754.F8071@mail.seattleFenix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> * Theo de Raadt (deraadt@cvs.openbsd.org) [020626 12:02]: > > > On Wed, Jun 26, 2002 at 11:41:03AM -0600, Theo de Raadt wrote: > > > > Man, you guys sure do talk shit a lot. But anyways, that is hardly > > > > surprising or news. > > > > > > > > I do have a question though. > > > > > > > > Did any of you get broken in via this hole yet? > > > > > > Nope. Just wasted a good part of yesterday upgrading 60 boxes > > > from a non-vulnerable version of OpenSSH to a version with a now > > > known remote exploit. > > > > > > I think the PR for this issue could have been a bit better... > > > > We also did 5600 lines of further security auditing work over the last > > week. We're fairly convinced that some of the things we changed are > > relevant as well. ie. more holes. > > > > And that is commited in 3.4 > > Theo, > > When will we see an advisory and/or patches for older versions regarding > the other holes that you have uncovered? You won't. I've barely slept in a week. So many of you are being totally unreasonable people. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200206261919.g5QJJLLI018466>