As I know from an announcement V3.4 should have compression enabled. The early 3.3 had no support and no full pam-support. If they did not get it working in 3.4, other features may not work as well. This would be a bad thing!
If true, the V3.4 is still a beta or alpha!
Even the exploit was not that discussed, were the problem is. Official posts on www.openssh.orgh say, that old version with SuSE Standard-seetings are not affected! So why update to an incompleted fix?
Second thing is, why does SuSE build packages for 2.4 kernel on 2.2 machines (this was done for openssh 3.4, as I read all posts)?
Our build farm builds packages in chrooted environments. This is one out of 4000 cases where the running kernel version matters, and, frankly, we think it's braindead. We have had another problem almost two years ago where a build script in some package remounted /proc read-only in the chroot environment. No problem for 2.2 kernels, the /proc outside the chroot is untouched. In 2.4 though, all mounted proc filesystems change options. If you want to have that kind of flexibility, you have to workaround some problems sometimes.
Philippe
Thanks,
Roman.
--
- -
| Roman Drahtmüller