Paul Baker <[EMAIL PROTECTED]> writes: > So as it turns out, AFAIK, none of the versions of OpenSSH in Debian > were actually vulnerable to the exploit found by ISS and reported in > DSA-134
The 3.3p1 packages are vulnerable in some configurations. :-( -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
