"K.-P. Kirchdörfer" wrote: > > Am Donnerstag 01 August 2002 06:23 schrieb Michael D. Schleif: > > Dan Harkless wrote: > > > Argh. I tried to forward the below CERT advisory to the list yesterday > > > but it was rejected because I used a MIME-based forward. The list > > > rejects such posts without bouncing them back to you, which is quite > > > broken behavior, thus I need to re-compose this intoductory text. > > > > > > Looking at the series of OpenSSL vulnerabilities discussed below, it > > > would *appear* that OpenSSH is not affected by them (a Bugtraq search and > > > a look at <http://www.openssh.org/security.html> didn't reveal a more > > > canonical answer). > > > > > > However, if there are *any* known security holes in libssl, it would seem > > > like a good idea for someone to recompile ssh.lrp and sshd.lrp with > > > OpenSSL 0.9.6e when they have a chance. It appears that at least some > > > Linux distros have released new OpenSSH packages built against the fixed > > > OpenSSL. > > > > Already done - yesterday: > > > > > > <http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/devel/helices/openssh/ > >> > > > > Message-ID: <[EMAIL PROTECTED]> > > With all respect Michael > > Regarding to the news today > http://lwn.net/Articles/6524/ > > I want to ask, if we can shure the version in your leaf-cvs isn't affected?
# md5sum ./openssh-3.4p1.tar.gz 459c1d0262e939d6432f193c7a4ba8a8 ./openssh-3.4p1.tar.gz -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html