I'm going to write my "Thank You Theo" to the man. I hope his mailbox
fills with another 10,000,000 email like mine to which he does not need
to respond.
On Tue, 2003-09-16 at 16:16, Andy Wood wrote:
> Well maybe he's had to answer 10,000,000 email on it, which if he
> doesn't respond he'll
- Original Message -
From: "Daniel Berg" <[EMAIL PROTECTED]>
To: "Carl Livitt" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, September 16, 2003 11:22 PM
Subject: Re: [Full-Disclosure] The lowdown on SSH vulnerability
> Nice conversa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tuesday 16 Sep 2003 2:09 pm, Carl Livitt wrote:
> There _is_ a patch:
>
> http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1
>.1.1.6&r2=1.1.1.7&f=h
- From the changelog for the release for todays version of openssh 3.7
At 01:09 PM 9/16/2003 +, you wrote:
There _is_ a patch:
http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6&r2=1.1.1.7&f=h
Heh - hopefully people will thank Theo greatly for such a timely release ;)
--
B.K. DeLong
[EMAIL PROTECTED]
+1.617.797.2472
http://ocw.mit
Nice conversation, makes clear why Theo is loved by so many people.
So what we know now is that possibly core devices like Firewalls and
Switches and whatnot could be attacked as well. Can anyone confirm this?
Any suggestions on how to workaround this?
Cheers
Daniel
On Tue, 2003-09-16 at 14:25
On Tue, 16 Sep 2003, Carl Livitt wrote:
;
; There _is_ a patch:
;
;
http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6&r2=1.1.1.7&f=h
There is also new openssh released:
ftp://ftp1.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.7p1.tar.gz
--
. Robert
Well maybe he's had to answer 10,000,000 email on it, which if he
doesn't respond he'll get the same press as you're giving up. Maybe he's
swamped with other contributions to the computing industry. Seeing that yer
so tireless why don't you learn to write patches instead of just squawking
There _is_ a patch:
http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6&r2=1.1.1.7&f=h
Carl.
On Tuesday 16 September 2003 12:25, Carl Livitt wrote:
> Straight from the horses mouth, this is a snippet of an email conversation
> I just had with Theo Deraadt:
>
>