Hi Roman, On Monday 26 March 2001 15:06, you wrote:
If there is a security problem, we will fix it, especially if security-related software is concerned. The case of openssh is a mixed one: There is no imminent security threat with the versions we have out on the ftp server right now. Anyway, we have made updates, but we see some problems with them. Give us another few days and we'll have them fixed.
Great news. Another hour of work avoided ... ;-)
The packages will be provided for the SuSE distributions that included openssh already. The others will not see updates because the package may not even compile on them.
Yep. BTW, the suse spec file in the contrib subdirectory of openssh/portable on www.openssh.org is broken anyway, it has wrong man paths and rc scripts, doesn't install sftp-server, and insecurely uses /tmp as buildroot. It is probably time to update it.
... Anyway, it was a nice field test on how far you _could_ probably get with "social engineering" in security mailing lists. Maybe Kurt wants to write an article on that subject ...? ;-)
Ack. It's sad. I believe Kurt has some sad articles about this already... :-)
99% probability. BTW great work Kurt! ;-)
Thanks, Roman.
Regards, Martin -- Martin Leweling Institut fuer Planetologie, WWU Muenster Wilhelm-Klemm-Str. 10, 48149 Muenster, Germany Tel.: +49-251-83-33557 Fax: +49-251-83-39083 E-Mail (work): lewelin@uni-muenster.de