Per chi non seguisse debian-security (Male...:-) Pare ci sia un nuovo exploit per ssh «in the wild». Pero` in security c'e` gia` la versione patchata. Uomo avvisato....
There's already a new package on security.debian.org. I can't vouch for it myself, but here's the changelog: openssh (1:3.4p1-1.1) stable-security; urgency=high * NMU by the security team. * Merge patch from OpenBSD to fix a security problem in buffer handling -- Wichert Akkerman <[EMAIL PROTECTED]> Tue, 16 Sep 2003 13:06:31 +0200 ----- Forwarded message from Mental Patient <[EMAIL PROTECTED]> ----- Date: Tue, 16 Sep 2003 10:22:01 -0400 From: Mental Patient <[EMAIL PROTECTED]> To: debian-security@lists.debian.org Subject: ssh vulnerability in the wild X-Mailing-List: <debian-security@lists.debian.org> archive/latest/12971 see tinyurl.com/nios Sorry if this is a rehash, but I dont recall seeing a discussion and I'd really like to think my stable boxes are safe :) I know several people that are being attacked/had to patch ssh/filter traffic. -- Mental ([EMAIL PROTECTED]) "The Torah... The Gospels... The Koran... Each claimed as the infallible word of GOD. Misquoted, misinterpreted, misunderstood, and misapplied. Maybe that's why he doesn't do any more interviews." - sinfest.net CARPE NOCTEM, QUAM MINIMUM CREDULA POSTERO. GPG public key: http://www.neverlight.com/pas/Mental.asc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] ----- End forwarded message ----- > Ciao, Alvise -- +------------------------------------------------------------+ | Alvise Belotti [EMAIL PROTECTED] http://laventa.it | | «La vera casa dell'uomo non č una casa, č la strada. | | La vita stessa č un viaggio da fare a piedi». (B. Chatwin) | | PGP Key = AD 85 93 92 A9 9C 93 14 9C 6B 3B 15 52 79 B8 BD | +------------------------------------------------------------+
