OpenSSH heads-up
Mitch Collinsworth
mitch at ccmr.cornell.edu
Tue Sep 16 07:47:31 PDT 2003
Is this advisory available anywhere else? I'm continually getting
server timeout when trying to load this URL. Meanwhile www.openssh.org
doesn't seem to have any mention of the advisory. [?]
-Mitch
On Tue, 16 Sep 2003, Jacques A. Vidrine wrote:
> OK, an official OpenSSH advisory was released, see here:
> <URL: http://www.mindrot.org/pipermail/openssh-unix-announce/2003-September/000063.html >
>
> The fix is currently in FreeBSD -CURRENT and -STABLE. It will be
> applied to the security branches as well today. Attached are patches:
>
> buffer46.patch -- For FreeBSD 4.6-RELEASE and later
> buffer45.patch -- For FreeBSD 4.5-RELEASE and earlier
>
> Currently, I don't believe that this bug is actually exploitable for
> code execution on FreeBSD, but I reserve the right to be wrong :-)
>
> Cheers,
> --
> Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal
> nectar at celabo.org . jvidrine at verio.net . nectar at freebsd.org . nectar at kth.se
More information about the freebsd-security
mailing list