Re: SSL Buffer Overflow Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: SSL Buffer Overflow Vulnerability
From: Patrick Boutilier <boutilpj@xxxxxxxxxxx>
Date: Thu, 27 May 2004 07:49:36 -0300
In-reply-to: <5363E6266D206F49BE6BEBCD7408EA88053D4CC8@hqw0prod1vcs08.prod.ent.pbgc.gov>
References: <5363E6266D206F49BE6BEBCD7408EA88053D4CC8@hqw0prod1vcs08.prod.ent.pbgc.gov>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040514

Chalonec Roger wrote:

Our security folks detected an openSSH vulnerability in a fully patched
FC1.  They said that it was running version 3.7.0 and needed to go to
3.7.1 .  Should this be the case if FC1 is fully patched?  Can anyone
point me to directions on how to upgrade to 3.7.1 or recommend a better
openSSH version?

FC1 comes with OpenSSH_3.6.1p2 so if you are running 3.7.0 you installed another version, perhaps from source.


Thanks,

Roger

References:
- SSL Buffer Overflow Vulnerability
  - From: Chalonec Roger

Prev by Date: Re[2]: Vncserver setup
Next by Date: Re: SSL Buffer Overflow Vulnerability
Previous by thread: SSL Buffer Overflow Vulnerability
Next by thread: Re: SSL Buffer Overflow Vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]