"K.-P. Kirchdörfer" wrote:
>
> Am Donnerstag 01 August 2002 06:23 schrieb Michael D. Schleif:
> > Dan Harkless wrote:
> > > Argh. I tried to forward the below CERT advisory to the list yesterday
> > > but it was rejected because I used a MIME-based forward. The list
> > > rejects such posts without bouncing them back to you, which is quite
> > > broken behavior, thus I need to re-compose this intoductory text.
> > >
> > > Looking at the series of OpenSSL vulnerabilities discussed below, it
> > > would *appear* that OpenSSH is not affected by them (a Bugtraq search and
> > > a look at <http://www.openssh.org/security.html> didn't reveal a more
> > > canonical answer).
> > >
> > > However, if there are *any* known security holes in libssl, it would seem
> > > like a good idea for someone to recompile ssh.lrp and sshd.lrp with
> > > OpenSSL 0.9.6e when they have a chance. It appears that at least some
> > > Linux distros have released new OpenSSH packages built against the fixed
> > > OpenSSL.
> >
> > Already done - yesterday:
> >
> >
> > <http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/devel/helices/openssh/
> >>
> >
> > Message-ID: <[EMAIL PROTECTED]>
>
> With all respect Michael
>
> Regarding to the news today
> http://lwn.net/Articles/6524/
>
> I want to ask, if we can shure the version in your leaf-cvs isn't affected?
# md5sum ./openssh-3.4p1.tar.gz
459c1d0262e939d6432f193c7a4ba8a8 ./openssh-3.4p1.tar.gz
--
Best Regards,
mds
mds resource
888.250.3987
Dare to fix things before they break . . .
Our capacity for understanding is inversely proportional to how much we
think we know. The more I know, the more I know I don't know . . .
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
