Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
Re: [suse-security] Is openssh 2.9.9p2 on SuSE 7.3 secure?
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Fri, 13 Sep 2002 14:39:04 +0200 (MEST)
  • Message-id: <Pine.LNX.4.44.0209131435490.1926-100000@xxxxxxxxxxxx>
> > right, so you have to check rpm -q openssl/openssh --changelog for the
> > fixes. with all that you can hopefully figure out if your enviroment
> > is patched or not.
>
> The latest openssh rpms for SuSe 7.2 und 7.3 on ftp.suse.com are both
> dated July 01; since the openssl security announcement was released
> on July 30, openssh can't really be fixed, *if* it it is statically
> linked against the openssl libs, right?
>
> (Unless SuSE secretly fixed openssl *long* before the announcement...)
>
> I think a clarification would *really* be nice...

Guys, I must repeat: The SuSE security team does not read suse-security@
on a regular basis. It's good luck that I didn't skip this thread, so I've
seen it. But important things like this should _always_ be sent to
security@xxxxxxx or at least to one of the team members that you know is
present (thomas, krahmer, okir and myself).

You will see the new RPMs on the ftp server within hours.

> Martin

Thanks,
Roman.
--
- -
| Roman Drahtmüller <draht@xxxxxxx> // "You don't need eyes to see, |
SuSE Linux AG - Security Phone: // you need vision!"
| Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- -


< Previous Next >
References