Release Engineering Status Report
Craig Boston
craig at meoqu.gank.org
Tue Sep 16 12:16:24 PDT 2003
On Tuesday 16 September 2003 12:14 pm, Ruben de Groot wrote:
> Fortunately, there's allready a patch in the source tree:
>
> http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1
>.1.1.6&r2=1.1.1.7&f=h
Yes, fortunately the patch is there. I noticed however that in the version
committed to the RELENG_4_8 branch, RCSID wasn't changed, so it's not
possible to use ident to tell if your libssh needs to be patched or not (both
old and new say 1.16)... Was that an oversight or should I be using some
other method to determine if I'm running a vulnerable version or not?
I also noticed the same thing with openssh-portable out of ports.
Thanks,
Craig
More information about the freebsd-stable
mailing list