[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: openssh 3.1 & www.openbsd.org

To: <misc@openbsd.org>
Subject: Re: openssh 3.1 & www.openbsd.org
From: "Edvinas Maciulaitis" <edvinas@lanteka.lt>
Date: Fri, 8 Mar 2002 17:11:57 +0200
References: <20020308155333.A26806@outpost.zedz.net>

I guess it is negotiable question this is local or remote vulnerability :-) 

----- Original Message ----- 
From: "Alex de Joode" <usura@zedz.net>
To: <misc@openbsd.org>
Sent: Friday, March 08, 2002 4:53 PM
Subject: openssh 3.1 & www.openbsd.org


> 1) why didn't the anouncement of OpenSSH 3.1 contain at least
>    an advisory to upgrade as there was a hole in the previous
>    versions. people reading the anouncement would not think
>    "hey I *need* to upgrade".
> 
> 2) given the openssh hole, it might be needed to change the
>    OpenBSD website:
> 
>    "Four days without a remote hole in the default install!"
> 
>    or do the OpenBSD developers deem the hole not remote enough ?
> 
> -- 
> Exit! Stage Left!

References:
- openssh 3.1 & www.openbsd.org
  - From: Alex de Joode <usura@zedz.net>

Prev by Date: Re: make release fails: ${DESTDIR}/etc/ssh/ssh_config: No such file or directory
Next by Date: Re: openssh 3.1 & www.openbsd.org
Prev by thread: Re: openssh 3.1 & www.openbsd.org
Next by thread: Re: openssh 3.1 & www.openbsd.org
Index(es):
- Date
- Thread