Feh... figures... CERT in their typical lackadaisical way has managed to get the alert out as of today... finally - we might never have known about it otherwise.
http://www.cert.org/advisories/CA-2002-18.html
Printable View
Feh... figures... CERT in their typical lackadaisical way has managed to get the alert out as of today... finally - we might never have known about it otherwise.
http://www.cert.org/advisories/CA-2002-18.html
To: misc@openbsd.org
Subject: openssh
Date: Wed, 26 Jun 2002 08:44:09 -0600
From: Theo de Raadt <deraadt@cvs.openbsd.org>
X-Spam-Level:
X-Loop: misc@openbsd.org
Sender: owner-misc@openbsd.org
while dealing with this hole, markus niels and i found and fixed a
wide variety of other issues. 3.4 contains changes which we think
will matter significantly for security.
I would like to thank the portable guys for the hard work they put in
coping with this.
And I'd like the thank the vendors who jumped and mailed us privsep
code; it now works quite a bit better on a lot of systems. of course,
many vendors did not even respond at all.