Re: FreeBSD Security Advisory: FreeBSD-SA-01:01.openssh

From: Kris Kennaway (kris@FreeBSD.ORG)
Date: 01/16/01


Date: Mon, 15 Jan 2001 21:21:01 -0800
From: Kris Kennaway <kris@FreeBSD.ORG>
To: Dan Langille <dan@langille.org>


On Tue, Jan 16, 2001 at 06:09:51PM +1300, Dan Langille wrote:
> On 15 Jan 2001, at 14:29, FreeBSD Security Advisories wrote:
>
> > [Ports collection]
> >
> > One of the following:
> >
> > 1) Upgrade your entire ports collection and rebuild the OpenSSH port.
> >
> > 2) Deinstall the old package and install a new package dated after the
> > correction date, obtained from:
> >
> > ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/security/openssh-2.2.0.tgz
> > ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/security/openssh-2.2.0.tgz
> > ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/security/openssh-2.2.0.tgz
> > ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/security/openssh-2.2.0.tgz
> > ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/security/openssh-2.2.0.tgz
>
> I have not checked the other files, but
>
> ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-
> stable/security/openssh-2.2.0.tgz
>
> is not available.

Oops. That's probably because the port refuses to build on >=4.0 since
it's already in the base system.

Kris



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Relevant Pages

  • Re: ports/126853: ports-mgmt/portaudit: speed up audit of installed packages
    ... I think it won't be very hard: I'll try to see how to extend portaudit ... port sources to give the port version that includes both mentioned ... Affected package: ruby-1.8.6.111_4,1 ... Download is made in the mirror mode, ...
    (freebsd-hackers)
  • Re: Strange capture of my eth0 interface.
    ... but I doubt if there is any connection. ... so I did a fresh install. ... > then seeing that the package manager does indeed detect the switch - don't ... > Port numbers are like telephones. ...
    (comp.os.linux.security)
  • Re: amd64 questions
    ... so if you want to install a 64 bit package ... install of a 32-bit pkg with its dependencies. ... them (ie libraries in /usr/lib32). ... have a broken copy of the tarball the port is using. ...
    (freebsd-hackers)
  • Re: amd64 questions
    ... amd64 object files. ... so if you want to install a 64 bit package ... My copy of the port sets that for amd64 already. ...
    (freebsd-hackers)
  • Re: Do VPN connections effectively bypass Firewalls?
    ... Destination port: 80 ... Where the internal IP would be NAT'd by the firewall ...
    (comp.security.firewalls)