If you happen to have a Rackspace box and use rackspace's RPMS, upgrade PAM to, as the openssh rpm adds a new security module that isn't in place with older PAMs.....
Whatever you do, do not log off your system until you are sure you can log into it! Trust me, I know! :-) On Tue, 2002-07-02 at 10:21, mike ledoux wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, Jul 02, 2002 at 09:38:59AM -0400, Thomas M. Albright wrote: > > Can anybody help me find it? Or will I need to futz around with the > > SRPMs to make it work. Or (better still) are older versions of openssh > > not vulnerable? > > Well, I've built 3.4p1 RPMs for RH6.2 using the SRPM provided by the > OpenSSH folks, no problems. You need openssl 0.9.6 and openssl-devel > 0.9.6 (rpmfind.net, you want the ones from 'Libc6 Contribs') to build > it, and you'll need to change one line in the openssh.spec file to let > it know you're building for a RH6.x system. > > I really think you'd be better off building your own, but if you want > 'em, I can make the RPMs I've built available; they were compiled with > no Gnome, IPv6, or Kerberos5 crap, and are statically linked against > openssl 0.9.6, so they'll install on damn near any RH6.x system. > > - -- > [EMAIL PROTECTED] OpenPGP KeyID 0x57C3430B > Holder of Past Knowledge CS, O- > Put your wasted CPU cycles to use: http://www.distributed.net/ > "One world, one web, one program" Microsoft advertisement > "Ein Volk, Ein Reich, Ein Fuhrer" Adolf Hitler > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > Comment: The keyservers are broken. Get my valid public key from >http://www.volta.dyndns.org/~mwl/pgpkey.asc > > iD8DBQE9IbbZ5rgdHFfDQwsRArtbAJ9tvHfkODtHW+fXpTyDCy3jzUB/hQCff4tr > N9KmVMtGZLcHnZKH984LnhA= > =JJMt > -----END PGP SIGNATURE----- > > ***************************************************************** > To unsubscribe from this list, send mail to [EMAIL PROTECTED] > with the text 'unsubscribe gnhlug' in the message body. > ***************************************************************** ***************************************************************** To unsubscribe from this list, send mail to [EMAIL PROTECTED] with the text 'unsubscribe gnhlug' in the message body. *****************************************************************
