On Thu, Oct 30, 2003 at 10:22:06AM -0800, Kris Kennaway wrote: > Please read the security advisory.
I've read the advisory. It states a couple of workarounds (which I enabled at the time anyway) and also states that the problem is rectified in -STABLE beyond a certain date. However, looking at the openssh advisory's, the only fix is to be running a version 3.7.1p1 or later. So I'm confused. Have the FreeBSD team backported these fixes into 3.5.1 ? One of my problems is that some of my clients occasionally have 3rd parties perform penetration testing on our servers. I need an explanation for when the 3rd party comes back and says that I am running a vulnerable ssh. Regards, -- Wayne Pascoe Everything to excess. To enjoy the flavour of life, take big bites. Moderation is for monks. - Robert Heinlein _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"