On Wed, 2003-09-17 at 21:23, Kevin Sonney wrote: > Brian Daniels <[EMAIL PROTECTED]> writes: > > All versions of OpenSSH's sshd prior to 3.7.1 contain buffer > > management errors. It is uncertain whether these errors are > > potentially exploitable, however, we prefer to see bugs > > fixed proactively. > > As a reminder, Red Hat's RPM packages are back ports of the fix to the > version of ssh that shipped with Red Hat Linux and Red Hat Enterprise > Linux (as applicable). Remind your clients/friends of that when they > complain about Red Hat (and other vendors) not shipping the "current" > package versions. > > Just a little FYI *grin*
Hay, it's "Open Source." Anyone can darn well install any version of OpenSSH they want. If they need hand holding, they can just wait or search for it on Freshmeat! What RH does is above and beyond the call of duty. It's why I buy every major version once the box comes out - even though I've already installed it from my burned ISO's weeks ago. Jon -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
