[svlug] OpenSSH source may be trojaned, unless...
J. Paul Reed
preed at sigkill.com
Fri Aug 2 01:17:49 PDT 2002
On Thu, 1 Aug 2002, Ian Kluft wrote:
> All software seems to have a very limited shelf life these days...
Yeah... especially considering that OpenSSL, on which OpenSSH depends, has
had a number of nasty buffer overflows discovered very recently as well.
http://www.openssl.org/news/secadv_20020730.txt
The short and sweet version: if you're using pre-0.9.6d or some of the
0.9.7 betas, it's time for an upgrade (whether "downloading" one means
'apt-get', 'rpm -U', or 'wget'/'ftp').
I know everyone makes mistakes, but... but... just... *sigh*
Later,
Paul
-----------------------------------------------------------------------
J. Paul Reed preed at sigkill.com || web.sigkill.com/preed
Wait, stop! We can outsmart those dolphins. Don't forget: we invented
computers, leg warmers, bendy straws, peel-and-eat shrimp, the glory
hole, *and* the pudding cup! -- Homer Simpson, Tree House of Horror XI
More information about the svlug
mailing list