[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Upcoming OpenSSH vulnerability
On Tue, Jun 25, 2002 at 01:32:40PM +1000, email@example.com said:
> On Mon, 24 Jun 2002, Theo de Raadt wrote:
> > However, everyone should update to OpenSSH 3.3 immediately, and enable
> OK. Can someone in the know please post some instructions on the approved
> patching method?
> I see nothing in http://www.openbsd.org/errata.html about this, nor can I
> find any useful CVS tags in src/usr.bin/ssh... The FAQ at OpenSSH.com is
> also strangely quiet on the issue of upgrading.
I've upgraded 3 machines so far today. One of them had been 3.0 and went to
3.1 prior to the OpenSSH upgrade; the other two were running 3.1. I first did
a 'cd /usr; cvs checkout -P -rOPENBSD_3_1 src' and followed the build
instructions from OpenSSH.org, but 'ssh -V' still returned 3.2.3 after that.
So I went and grabbed openssh-3.3.tgz from the local ftp mirror, exploded it
in /usr/src/usr.bin/ssh and followed the build instructions (again). This
time, it worked (actually worked 3 of 3 times, since I tried from CVS source
all 3 times first).
I probably goofed something up when trying to build from CVS; pulling the
tarball worked best for me. YMMV.
privsep works great now; 3.3 is running perfectly on all 3 boxes.
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
GPG key CB33CCA7 has been revoked; I am now 5537F527
illum oportet crescere me autem minui
[demime 0.98d removed an attachment of type application/pgp-signature]