Mailinglist Archive: opensuse (1047 mails)

< Previous Next >
Re: [opensuse] openSUSE-SU-2016:0145-1: critical: openssh - why patch OpenSSH_6.2p2 and not install OpenSSH_7.1p2?
On Mon, Jan 18, 2016 at 9:13 PM, David C. Rankin
<drankinatty@xxxxxxxxxxxxxxxxxx> wrote:
Makes sense... I guess it's a damned if you do/damned if you don't
situation. Yes the stability logic makes sense, but it also cuts the other
way with the potential avenues for exploit that have been closed by design
within the new version... I guess it is better the devil you know here...

Security fixes are backported to older versions of OpenSSH on many
GNU/Linux distributions. You get the best of both worlds, stability
and security.

Brandon Vincent
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >