[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Theo Zourzouvillys wrote:
Arghghghghhghgh this is the week of serious bugs!!
Theo de Raadt announced that the OpenBSD team is working with ISS on a remote exploit for OpenSSH (a free implementation of the Secure SHell protocol). They are refusing to provide any details on the vulnerability but instead are advising everyone to upgrade to the latest release, version 3.3.
Seems ISS treat them better than the Apache team, or maybe they learnt their lesson? Haven't seen anything suggesting the Apache bug is exploitable on Linux, but I wouldn't take the chance.
Theo made it very clear this new version does not fix the vulnerability
This doesn't sound like good news. :( -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.