Date: Mon, 1 Jul 2002 09:30:39 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.ORG> To: Dag-Erling Smorgrav <des@ofug.org> Cc: "JP Villa (Datafull.com)" <root@datafull.com>, freebsd-security@FreeBSD.ORG Subject: Re: Re[2]: openssh OR openssh-portable Message-ID: <20020701143038.GM4764@madman.nectar.cc> In-Reply-To: <xzpbs9wv172.fsf@flood.ping.uio.no> References: <3D1AD7C4.9020909@cerint.pl> <xzp6604x5ue.fsf@flood.ping.uio.no> <41256714305.20020627163946@datafull.com> <xzpbs9wv172.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 27, 2002 at 11:52:49PM +0200, Dag-Erling Smorgrav wrote: > "JP Villa (Datafull.com)" <root@datafull.com> writes: > > I think the original question was pointing to this too, > > so I rephrase: openssh or openssh-portable? or maybe > > openssh 3.4 properly merged on a production codebase? and > > in that case, when? > > In my opinion, the latter is the best option, but it's your machine > and your call. Jacques Vidrine has the final word in this matter, and > I can't speak for him, but I expect 3.4 will hit -STABLE (and > hopefully the security branches) sometime next week. At this time, OpenSSH 3.4 will not be merged into the security branches. They are currently not vulnerable, and major upgrades are outside the scope of the security branches, particularly when such upgrades are practically guaranteed to break existing installations. Of course, OpenSSH 3.4 is always available via the Ports Collection, and I would, in fact, recommend that users take advantage of it and turn on PrivilegeSeperation if at all possible. Cheers, -- Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020701143038.GM4764>