On 27 Jun 2002 06:41:13 PDT mike wrote:
> On Thu, 2002-06-27 at 04:33, Philippe Lepot wrote: > > If any of you is running SSHD open to the Internet, a security > > flaw has been > > made public two days ago: > > http://www.securityspace.com/smysecure/catid.html?id=11031 > > Philippe, > The vulnerability details weren't released until yesterday (26 June). We > will have a new package based on OpenSSH 3.4 available in the near > future. It probably goes without saying, but anyone running a version of ssh prior to 3.4 that is open to the Internet as a whole should consider adjusting their firewall rules, to only allow ssh connections from networks they trust. That goes double for LEAF (or other) platforms that do not have a dedicated team to package security updates and need a bit more time to react. Security in layers is a Good Thing. My apologies if I am wasting bandwidth by stating the obvious. --Brad ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
