On Wed, Sep 17, 2003 at 11:46:21AM +1200, Nick Rout wrote:
http://slashdot.org/article.pl?sid=03/09/16/1327248&mode=thread&tid=126&tid=172
redhat appear to have fixed their binaries, and backported to previous versions.
gentoo fix here http://forums.gentoo.org/viewtopic.php?t=84879
The OpenSSH team have released another set of fixes for similar buffer management and fatal() flaws as OpenSSH 3.7.1. If you're updating, make sure your distribution's packages include these fixes too.
Anyone know if there's an update for RH7.1 Alpha? Red Hats' site doesn't mention one...
Greg
