Florian Weimer <[EMAIL PROTECTED]> writes: > Wichert Akkerman <[EMAIL PROTECTED]> writes: > >> Definitely. I really wish we could do more but the complete lack >> of more information we have make things difficult. Backporting >> OpenSSH 3.3p1 to to potato is also slightly complicated by missing >> build dependencies, but we hope to have packages ready sometime >> tomorrow. > > Is this worth the effort if there's still a remote nobody exploit? > At least that's the way understand the DSA.
Well, it appears if OpenSSH 1.2.3 was *not* vulnerable, so the whole exercise was rather pointless. Thanks, Theo. -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
