So many things to check... Okay. Just checked at packages.ubuntu.com. Regarding CVE-2008-1657 - there is no USN - nothing is mentioned in the changelogs of the corresponding packages for Dapper/Feisty/Gutsy
The last update on those packages are from Kees on April 1st for CVE-2008-1483 as I see it; Hardy and Intrepid indeed have CVE-2008-1657 in the changelog. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2008-1483 -- [openssh] [CVE-2008-1657] possibility to bypass global "ForceCommand" directive https://bugs.launchpad.net/bugs/227322 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
