On Sun, Jun 1, 2008 at 8:01 PM, Shachar Shemesh <[EMAIL PROTECTED]> wrote: > Actually, it's better to have the "security" repository after the isoc one. > This way, if both have the same package, you will get it from the > geographically closer one. > > But, yes, failing to have the security source in source.list will cause the > problem described.
Thanks everyone for your pointers to security.debian.org. I already have it in my sources.list. The version I have installed on that system now is: 1:4.3p2-9etch2 The version mentioned in the security advisory (http://www.debian.org/security/2008/dsa-1576) is 1:4.3p2-9etch1 The latest version available for the stable release is the one I have installed: http://packages.debian.org/etch/i386/openssh-client/download (1:4.3p2-9etch2), I couldn't find the security advisory which talks about it. I've reinstalled the package with "aptitude resintall openssh-client" and compared the new and old files and they are identical. I'm using i386 version. Just to make sure I also downloaded the .deb file directly from the link above (from packages.debian.org and re-installed it and still get exactly the same file to the original one. Any other ideas? > > Shachar Thanks, --Amos ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]