OpenSSH security fix
Red Hat's Errata Page:
To upgrade, run the following commands (for Debian and RedHat)
apt-get update
apt-get install openssh
Please make sure your SSH daemons are either patched or upgraded.
Word,
-Chris
3 Replies
@updates.redhdat.com:
There are too many connected users, please try later.
weeee……
Has anyone ever used lsh
Kenny
> - –----------------------------------------------------------------------
Debian Security Advisory DSA-382-2
security@debian.org
http://www.debian.org/security/ Wichert AkkermanSeptember 17, 2003
Package : ssh
Vulnerability : buffer handling
Problem type : possible remote
Debian-specific: no
CVS references : CAN-2003-0693 CAN-2003-0695
This advisory is an addition to the earlier DSA-382-1 advisory: two more
buffer handling problems have been found in addition to the one
described in DSA-382-1. It is not known if these bugs are exploitable,
but as a precaution an upgrade is advised.
For the Debian stable distribution these bugs have been fixed in version
1:3.4p1-1.woody.2 .
Please note that if a machine is setup to install packages from
proposed-updates it will not automatically install this update.
apt-get update
apt-get install openssh
Also note that I haven't updated the distros to contain these (and potentially other) security fixes. First thing out the door you should do with any new install is make sure it is up to date. (apt-get update; apt-get upgrade)
-Chris