[NCLUG] Nasty-bad OpenSSH Exploit

Sean Reifschneider jafo-nclug at tummy.com
Thu Jun 27 14:06:01 MDT 2002


On Wed, Jun 26, 2002 at 10:16:44AM -0600, Michael Dwyer wrote:
>Executive summary:  Turn off SKey, turn on PriviledgeSeparation, or
>upgrade to 3.4.  Upgrade to 3.4 anyway, to miss some other bugs they
>found.

The RedHat RPMs aren't (as far as I can tell) vulnerable.  We're waiting to
upgrade to 3.4 until some of the issues with it are worked out.  3.4 is
much more than just the security fixes, and IMHO there are too many changes
in it.

Sean
-- 
 Program *INTO* a language, not *IN* it.
                 -- David Gries
Sean Reifschneider, Inimitably Superfluous <jafo at tummy.com>
tummy.com - Linux Consulting since 1995. Qmail, KRUD, Firewalls, Python



More information about the NCLUG mailing list