Kamaraju S Kusumanchi <[EMAIL PROTECTED]> writes: > Scott Gifford wrote: > > >> CVE-2006-0225 OpenSSH Local SCP Shell Command Execution >>From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch > machine running openessh-server 4.3p2-9, this was fixed in 1:4.3p2-1
Thanks, from the bug tracking database it looks like this wasn't addressed for Sarge (see bug 349645), which is unfortunate. > No idea about other stuff. > > BTW, is upgrade to Etch from Sarge not an option in your case? Our upgrade from Woody to Sarge was so disastrous, I will need more time for this client to forget about it before I can propose another upgrade. :-) > Sarge is old and Etch is the new stable version. "old" is perhaps a bit strong of a word for a release that was state-of-the-art as of about 7 weeks ago, and is still supported for another 10 months... ---Scott. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
