On Wednesday 17 September 2003 05:57, Tim Connors wrote: > > exploit of OpenSSH. Linux is vulnerable. The remedy is to upgrade to > > OpenSSH 3.7p1 > > Don't do that. Update to your distributions latest update - as long as it > has the fix applied. > > Debian unstable has a backport to 1:3.6.1p2-6, because 3.7p1 is not ready > for debian yet, given that it has major PAM updates. > > Debian stable is a different version again, and can be got from: > deb http://security.debian.org/debian-security stable/updates main contrib > non-free or the like.
Yes but apparently this only fixes part of the problem: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=211205 has not been fixed yet in any debian packages. Anders -- This email was generated using KMail from KDE 3.1.3 on Debian GNU/Linux
