Manfred, Michael addressed this issue is already. Re: [leaf-user] FORW: CERT Advisory CA-2002-23 Multiple Vulnerabilities In OpenSSL http://www.mail-archive.com/leaf-user%40lists.sourceforge.net/msg08584.html
On Thu, 2002-08-01 at 11:56, Manfred Schuler wrote: > I received this today: > > Thu Aug 1 14:40:28 MEST 2002 > > > The openssh source tarball openssh-3.4p1.tar.gz from the openbsd ftp > server ftp.openbsd.org has been trojaned with code that opens network > connections to a server in the internet (203.62.158.32:6667) at compile > time. The backdoor does not have any influence on the runtime behaviour of > the package to our current knowlege. As of now, the package on the openbsd > ftp server has not been removed/cleaned. > > The SuSE openssh package for SuSE Linux 8.0 has the same version 3.4p1, > but it is built from non-trojaned sources. Therefore, the SuSE openssh > packages are not affected by this backdoor. > > We thank our users who have expressed their concerns about the backdoor > when they notified SuSE Security, and to Len Rose from > [EMAIL PROTECTED] > > Regards, > Roman Drahtmüller, > SuSE Security. > - -- -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
