from the secret journal of Aaron Dewell ([EMAIL PROTECTED]): > > You could just recompile it yourself. I don't even use any of the Debian > SSH packages anymore, they are mostly out-of-date anyway. The current > SSH2 in woody is 2.0.13, for example. I just download the source and > compile it myself for those kind of things. > > There's another good point to that: Anything that intimitely connected > with your system security should be done by hand anyway.
unless you need it done to many machines at once. that's why all of our production servers don't run slackware like they did in 97. > > Actually, if someone wants to give me a hint on how to use the dpkg tool > to build things (never done it before!) and how to upload the compiled > versions, I'd re-contribute the packages. put deb-src lines (see below) in your sources.list. now, let's say that proftpd has a security hole thats fixed in unstable but you're running testing. assuming you already have debhelper and dpkg-dev installed, this is all you have to do: # fakeroot apt-get source -b proftpd this leaves you with a proftpd package with the security fixes built for your specifc system. i run with deb-src lines for unstable, but for what you're doing, a deb-src line for security.debian.org might be all you need. deb-src http://http.us.debian.org/debian unstable main contrib non-free deb-src http://non-us.debian.org/debian-non-US unstable/non-US main contrib \ non-free -- jacob kuntz [EMAIL PROTECTED] underworld.net/~jake
