Home » Mailing list archives » netbsd-announce » 2002 » June » 24

upgrade openssh to 3.3, or 3.2.1 + privilege separation

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: <itojun@...>
Subject: upgrade openssh to 3.3, or 3.2.1 + privilege separation
Date: Monday, June 24, 2002 - 10:29 pm

There was recently an annoucement of an openssh security problem.


A full fix will be available next week, and until then, it is

advised that you run the openssh daemon (sshd) with privilege

separation enabled.


Here is some advice for users of various versions of NetBSD:


	1.4/1.5 users - use pkgsrc. ie: pkgsrc/security/openssh/Makefile

					revision 1.73 (openssh-3.3.0.1).

	1.6_BETAx users - openssh shipped with 1.6_BETAx 3.2.1, with

		privilege separation enabled.

	current users - openssh shipped with current is 3.3, with

		privilege separation enabled.


itojun
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
NetBSD Fundraising Campaign 2007, Mindaugas Rasiukevicius, (Tue Aug 14, 3:34 pm)
New NetBSD/amd64 snapshot, Frank van der Linden, (Sat May 10, 2:38 pm)
NetBSD logo design competition, Luke Mewburn, (Tue Jan 13, 8:46 pm)
NetBSD Security Advisory 2004-009: ftpd root escalation, NetBSD Security-Officer, (Tue Aug 17, 1:48 pm)
Quarterly Status Report: July - September 2004, Jan Schaumann, (Tue Oct 5, 1:24 pm)
Announcing the release of NetBSD 2.0, James Chacon, (Thu Dec 9, 4:30 pm)
mail-index.NetBSD.org has been revamped, S.P.Zeidler, (Mon Feb 11, 6:00 pm)
NetBSD Quarterly Status Report - 2005Q1, Jan Schaumann, (Fri Apr 8, 12:45 pm)
How to help NetBSD help you., Thor Lancelot Simon, (Sun Jun 12, 5:55 pm)
NetBSD Security Advisory NetBSD-SN20050708-1: NetBSD base sy..., NetBSD Security-Officer, (Mon Jul 11, 12:31 pm)
NetBSD and the Google "Summer of Code" Summary, Jan Schaumann, (Sun Oct 16, 1:56 pm)
More interviews about packaging systems , Mark Weinem, (Thu Mar 13, 9:31 pm)
The NetBSD Foundation Moves to a Two Clause BSD License, Alistair Crooks, (Fri Jun 20, 12:10 pm)
NetBSD Security Advisory 2009-008: OpenSSL ASN1 parsing deni..., NetBSD Security Officer, (Wed Jul 8, 12:45 am)
The pkgsrc-2008Q4 Release, Alistair Crooks, (Mon Jan 12, 2:09 am)
NetBSD Status Report: July - December 2005, Jan Schaumann, (Tue Jan 31, 11:01 am)
Announce: NetBSD gets permission to incorporate POSIX(R) mat..., Hubert Feyrer, (Wed Feb 15, 4:14 pm)
cvsweb is temporarily offline, SODA Noriyuki, (Mon Mar 27, 9:03 am)
NetBSD 4.0 release cycle, Martin Husemann, (Tue Apr 11, 2:49 pm)
Summary of Changes to the NetBSD Packages Collection in Febr..., Alistair Crooks, (Fri Mar 22, 4:32 pm)
NetBSD feature end-of-life announcement: soft dependencies, Andrew Doran, (Sat Dec 13, 5:51 pm)
upgrade openssh to 3.3, or 3.2.1 + privilege separation, , (Mon Jun 24, 10:29 pm)
NetBSD Security Advisory 2006-016: IPv6 socket options can c..., NetBSD Security-Officer, (Thu Jun 8, 5:43 pm)
NetBSD 5.0_RC4 binaries available for download, Soren Jacobsen, (Thu Apr 16, 3:46 pm)
NetBSD Security Advisory 2006-018: sail(6), dm(8) and tetris..., NetBSD Security-Officer, (Thu Aug 10, 4:30 pm)
NetBSD Security Advisory 2008-010: Malicious PPPoE discovery..., NetBSD Security-Officer, (Tue Aug 26, 10:12 am)
NetBSD 5.0_RC3 binaries available for download, Soren Jacobsen, (Sat Mar 21, 4:49 pm)
Anonymous CVS users please note: modules are being merged, Perry E. Metzger, (Thu Dec 19, 12:56 pm)
(unknown), John Nemeth, (Wed May 16, 2:40 pm)
The pkgsrc-2007Q2 Release, Alistair Crooks, (Sun Jul 1, 6:29 am)
Re: cvsweb is temporarily offline, SODA Noriyuki, (Tue Mar 28, 4:41 am)