Greetings:

I have several RH-9 servers that I'd like to migrate to FreeBSD 4.9 latter this year. So I put up a test 4.9 server to get fully acquainted before heading off to a new universe [grin].

My Question: I read a CERT notification about the OpenSSH vulnerability (just a few days ago) so if needed, I'd like to apply an upgraded OpenSSH to the FreeBSD server. But when I went to the freebsd.org's errata page (http://www.freebsd.org/releases/4.9R/errata.html), I didn't see a reporting of the OpenSSH vulnerability.

Is FreeBSD's OpenSSH not vulnerable then? (I guess not??)

However... where is OpenSSH?

After running cvsup and "make index && make readmes", I ran "pkg_version -v". The output showed that all of my installed programs were up to date with the ports (am I reading this right?).

I ran "pkg_info" and there was no OpenSSH, only "OpenSSH-askpass".

[BTW, here is my supfile]
*default host=cvsup6.FreeBSD.org
*default base=/usr
*default prefix=/usr
*default release=cvs tag=RELENG_4_9
*default delete use-rel-suffix

On my Redhat boxes I just run "apt-get" and the patched OpenSSH packages are right there.

I'm fairly new at FreeBSD so please forgive my stumblings about :)

Thank you,

Michael


_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to