Re: Security question: are these vulnerabilities addressed?

On Sun, Jun 03, 2007 at 12:50:51AM -0400, Scott Gifford wrote: Douglas Allan Tutty [EMAIL PROTECTED] writes: On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: Postgres completely fell apart, and it took many hours to piece things back together. Did you have a postgres dump

Re: Security question: are these vulnerabilities addressed?

Douglas Allan Tutty [EMAIL PROTECTED] writes: On Sun, Jun 03, 2007 at 12:50:51AM -0400, Scott Gifford wrote: Douglas Allan Tutty [EMAIL PROTECTED] writes: On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: Postgres completely fell apart, and it took many hours to piece things

Re: Security question: are these vulnerabilities addressed?

On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: Andrew Sackville-West [EMAIL PROTECTED] writes: On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: Kamaraju S Kusumanchi [EMAIL PROTECTED] writes: Our upgrade from Woody to Sarge was so disastrous, I will need more

Re: Security question: are these vulnerabilities addressed?

Douglas Allan Tutty [EMAIL PROTECTED] writes: On Fri, Jun 01, 2007 at 12:07:23AM -0400, Scott Gifford wrote: Andrew Sackville-West [EMAIL PROTECTED] writes: On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: Kamaraju S Kusumanchi [EMAIL PROTECTED] writes: Our upgrade from

Re: Security question: are these vulnerabilities addressed?

Andrew Sackville-West [EMAIL PROTECTED] writes: On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: Kamaraju S Kusumanchi [EMAIL PROTECTED] writes: [...] BTW, is upgrade to Etch from Sarge not an option in your case? Our upgrade from Woody to Sarge was so disastrous, I will

Re: Security question: are these vulnerabilities addressed?

On Wed, May 30, 2007 at 12:23:46AM -0400, Scott Gifford wrote: Kamaraju S Kusumanchi [EMAIL PROTECTED] writes: Scott Gifford wrote: CVE-2006-0225OpenSSH Local SCP Shell Command Execution From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch machine running

Security question: are these vulnerabilities addressed?

Hello, The managers of a facility where we house some Debian servers recently ran a vunlerability scan against our up-to-date Sarge servers, and reported vulnerabilities in the version of OpenSSH we were running. I assume that these issues have been fixed or do not apply to Debian's OpenSSH, but

Re: Security question: are these vulnerabilities addressed?

Scott Gifford wrote: CVE-2006-0225OpenSSH Local SCP Shell Command Execution From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch machine running openessh-server 4.3p2-9, this was fixed in 1:4.3p2-1 No idea about other stuff. BTW, is upgrade to Etch from Sarge not an

Re: Security question: are these vulnerabilities addressed?

Kamaraju S Kusumanchi [EMAIL PROTECTED] writes: Scott Gifford wrote: CVE-2006-0225OpenSSH Local SCP Shell Command Execution From /usr/share/doc/openssh-server/changelog.Debian.gz on Debian Etch machine running openessh-server 4.3p2-9, this was fixed in 1:4.3p2-1 Thanks, from the bug