Am Donnerstag 01 August 2002 06:23 schrieb Michael D. Schleif: > Dan Harkless wrote: > > Argh. I tried to forward the below CERT advisory to the list yesterday > > but it was rejected because I used a MIME-based forward. The list > > rejects such posts without bouncing them back to you, which is quite > > broken behavior, thus I need to re-compose this intoductory text. > > > > Looking at the series of OpenSSL vulnerabilities discussed below, it > > would *appear* that OpenSSH is not affected by them (a Bugtraq search and > > a look at <http://www.openssh.org/security.html> didn't reveal a more > > canonical answer). > > > > However, if there are *any* known security holes in libssl, it would seem > > like a good idea for someone to recompile ssh.lrp and sshd.lrp with > > OpenSSL 0.9.6e when they have a chance. It appears that at least some > > Linux distros have released new OpenSSH packages built against the fixed > > OpenSSL. > > Already done - yesterday: > > > <http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/devel/helices/openssh/ >> > > Message-ID: <[EMAIL PROTECTED]>
With all respect Michael Regarding to the news today http://lwn.net/Articles/6524/ I want to ask, if we can shure the version in your leaf-cvs isn't affected? regards kp ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html