Mailinglist Archive: opensuse-security (375 mails)

< Previous Next >
lastest SuSE openssh update
  • From: Thomas Seliger <CRJLJAKTJORB@xxxxxxxxxxxxx>
  • Date: Wed, 11 Sep 2002 12:54:05 +0200
  • Message-id: <3D7F20CD.9030709@xxxxxxxxxxxxx>
Hi,

i just noted that there is a new openssh package (openssh-3.4p1-78.i386.rpm) flagged as "security fix". The description is:

"Description: Fix for a malfunction in sshd with relation to sshd
configuration option "PermitRootLogin forced-commands-only". This update
also contains security fixes from a former update"

So i guess youre only affected if you set PermitRootLogin to forced-commands-only in your sshd.conf

I guess im on the sure side when all my server have PermitRootLogin set to no. I quickly checked the openssh.org site, announce and dev lists, but didnt find any relevant details (didnt see any in Bugtraq and Vulndev also if i remember correctly, but i only did a quick check).

Are there any detailed informations about this issue? Or ist it SuSE specific (and if it is, im interested why :P )


Thanks,

Tom



< Previous Next >
Follow Ups