[SECURITY] [DSA 141-1] New mpack packages fix buffer overflow

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 141-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze August 1st, 2002 -

Re: openssh-3.4p1.tar.gz on ftp.openbsd.org trojaned

See also: http://online.securityfocus.com/archive/75/285547/2002-07-30/2002-08-05/0/ -- Roberto Gordo - Free Software Engineer Linalco Especialistas Linux y en Software Libre Tel: +34-91-5970074 Fax: +34-91-5970083

Re: (fwd) OpenSSH trojan!

I installl my Debian system on 29th July. and i get the packets from mirror security.debian... as anyone can say , should i be worried.? On Thu, 1 Aug 2002, Dale Amon wrote: On Thu, Aug 01, 2002 at 03:06:47PM -0500, Daniel J. Rychlik wrote: Should debian users be worried if they only

Re: (fwd) OpenSSH trojan!

On Fri, Aug 02, 2002 at 02:27:11PM +0300, Halil Demirezen wrote: I installl my Debian system on 29th July. and i get the packets from mirror security.debian... as anyone can say , should i be worried.? as the others said, no. only Openbsd source package has been trojaned -- Tab

Re: (fwd) OpenSSH trojan!

Vincent Hanquez [EMAIL PROTECTED] writes: as the others said, no. only Openbsd source package has been trojaned No, both 3.4p1 and 3.2.2p1 (portable versions) have been changed, too. -- Florian Weimer[EMAIL PROTECTED] University of Stuttgart

Re: (fwd) OpenSSH trojan!

On Fri, Aug 02, 2002 at 03:36:53PM +0200, Florian Weimer wrote: Vincent Hanquez [EMAIL PROTECTED] writes: as the others said, no. only Openbsd source package has been trojaned No, both 3.4p1 and 3.2.2p1 (portable versions) have been changed, too. sorry i've forget a word. I was speaking

Re: (fwd) OpenSSH trojan!

I wanna make it clear. We are using OpenSSH_3.4p1 Debian 1:3.4p1-1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f and we installed the ssh from the deb packages using apt-get install utility. I wonder if there is any risk on this stable version of OpenSSH (Debian) undependent from openbsd's source

Re: (fwd) OpenSSH trojan!

Halil Demirezen [EMAIL PROTECTED] writes: and we installed the ssh from the deb packages using apt-get install utility. I wonder if there is any risk on this stable version of OpenSSH (Debian) undependent from openbsd's source tarball? There isn't an easy way to determine whether a Debian

Re: (fwd) OpenSSH trojan!

On Fri, Aug 02, 2002 at 05:10:11PM +0300, Halil Demirezen wrote: I wanna make it clear. We are using OpenSSH_3.4p1 Debian 1:3.4p1-1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f and we installed the ssh from the deb packages using apt-get install utility. I wonder if there is any risk

Re: Question on the safety sharing NFS with untrusted machines.

Hello, there is a Debian-Package ssl-nfs (or secure-nfs) in the Mirror... It is much more save the all other trics with your Networks. Michelle Am 13:07 25/07/02 -0500 hat Dast geschrieben: Hello all, So my question is, is it safer to host the NFS from the DMZ and mount remotely on machines

PGP

G jq q

PGP

-BEGIN PGP SIGNED MESSAGE- Hello, I have recently setup PGP on my Debian server at home. I have setup Exim for relay of 3 hosts. I would like to be able to include pgp signature signing for the three hosts. My wife uses Outlook for her email and I was wandering if their was a way