Is there a plan to release an update for this vulnerability in Sarge? I
see an updated openssh-krb5 package for Sarge but no update for the
non-krb5 ssh daemon.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: openssh
Version: 1:4.3p2-3
Severity: important
Tags: security patch
A denial of service (cpu consumption) vulnerability has been found in openssh if
protocol 1 is enabled.
See
http://secunia.com/advisories/22091/
for details and patches.
AFAICS protocol 1 is disabled by default, ther
2 matches
Mail list logo
