Hello again, Monday, February 26, 2001, 8:57:10 PM, you wrote: Thanks for answering all. Roman, You should admit that simple user as I am gets confused when sees that hes got qpoper 2.53 while eudora.com screams about bugs in 2.53 and need in urgent upgrade to 3.x. 3.1.2 has more features than patched suse`s 2.53 by the way. Sorry if posted lame info to list. RD> To make it short: RD> The qpopper and ssh bugs are non-present in the latest SuSE update RD> packages as found on the ftp server. RD> ssh is not compiled with the flag --with-rsaref in SuSE packages due to RD> licensing problems. RD> The qpopper from SuSE-7.1 is the latest available, 2.53 is a patched RD> version to work around licensing issues (thanks to the qualcomm guys who RD> allowed us to redistribute qpopper in the latest version). RD> Anyway, we learn that a security/vulnerability scanner is nice, but the RD> output has to be understood and interpreted.
Hello,
Saint says: "ssh versions 1.2.27 and earlier if compiled with the --with-rsaref option are vulnerable." ...
Best regards, Gediminas mailto:gedas@kryptis.lt