What is the procedure for patching/updating system version of OpenSSH on an FBSD 5.2.1 box?
I used the excellent Rootkit Hunter security assessment tool:
http://www.rootkit.nl/projects/rootkit_hunter.html
and it found that I'm running OpenSSH 3.6.1p1, which has at least one vulnerability.
I only know how to install/upgrade from ports. OpenSSH
is part of the ports collection, but the build I'm
running was included with the OS.
What's the right way to proceed here?
thanks
Someone please correct me if I'm wrong on this but I believe rkhunter is just checking the version 3.6.1 and doesn't account for the 'p1' part which refers to a FBSD patch that corrected the vulnerability rkhunter is referring to.
IOW, I don't think you need to update ssh on 5.2.1 if your motive is merely that rkhunter flagged it.
To be sure, check the older security advisories at freebsd.org and I bet you'll find a reference to it.
G _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"