"Thomas May" <[EMAIL PROTECTED]> writes:

> i have installed freebsd 5.2.1 from the iso image. Openssh 3.6.1p1 and
> openssl 0.97c has been installed.

Right.

> Because they have holes I want to install the newest ones.

All of the known holes were patched at the time of release.  There are
FreeBSD-specific additions to the version banner in order to
differentiate it from the original OpenSSH releases in which the
security issues existed.  To the best of my knowledge, no new security
issues have come up in either openssh or openssl since FreeBSD 5.2.1
was released.

In other words, you probably do *not* have any security holes in
either one.

> If I install the openssl port or the openssh port, the update doesn't work.

That isn't specific enough for me to help you with.

> I also try the openssh-portable port with the new version, but it also shows
> me the old version.

It sounds as though /usr/bin comes before /usr/local/bin on your path,
so if you just type "ssh" you will get the old version.  Try
"/usr/local/bin/ssh -V" and you will probably see the version number
for the ssh installed from ports.

Since you apparently aren't acquainted with the idea of a search path,
you probably should start by getting up to speed on Unix before trying
to deal with security topics; you are likely to make things worse
rather than better.  An excellent starting place is
http://www.freebsd.org/projects/newbies.html#fbsd
particularly the "For People New to Both FreeBSD and Unix" tutorial.

Good luck.
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to