* Dossy ([EMAIL PROTECTED]) wrote: > On 2003.09.16, Christian Hammers <[EMAIL PROTECTED]> wrote: > > The new version has already been installed. This was quick. Good work, > > security team. > > > > openssh (1:3.4p1-1.1) stable-security; urgency=high > > > > * NMU by the security team. > > * Merge patch from OpenBSD to fix a security problem in buffer handling > > > > -- Wichert Akkerman <[EMAIL PROTECTED]> Tue, 16 Sep 2003 13:06:31 +0200 > > Is 3.6.1p2-3 vulnerable? For those of us who want security, must we > downgrade to 3.4p1-1.1 or build from source after patching by hand? Or > will this security fix be applied to sarge as well?
There's at least a version on incoming.debian.org which has the version
for unstable. I don't know what to tell you about testing/sarge. I'm
sure it will be in before release but beyond that I've no idea when it
will make it into testing.
Stephen
pgp00000.pgp
Description: PGP signature
