Subject: Re: How to update to the latest OpenSSH?
To: Manuel Bouyer <firstname.lastname@example.org>
From: Paul Hoffman <email@example.com>
Date: 12/04/2001 11:05:14
At 7:57 PM +0100 12/4/01, Manuel Bouyer wrote:
>On Tue, Dec 04, 2001 at 08:45:43AM -0800, Paul Hoffman wrote:
>> Greetings again. I'm running a stock 1.5.1 (not using -current). My
>> sshd reports itself as:
>> sshd version OpenSSH_2.5.1 NetBSD_Secure_Shell-20010219
>> So, here's a bunch of questions.
>> How do I upgrade it to the latest version that has the security bug
>> fixes in it? The current version seems to be 3.0.2, so I don't
>> imagine that I can do a simple patch in /usr/src.
>What's the problem with the 1.5.1 sshd ?
There is a security flaw that has been widely announced this morning.
I have worked around the flaw, but the question remains on how to
upgrade in a way that won't get lost later.
>Maybe you could just grab the 1.5.2 sources and compile from here ?
I don't think the new version is in the 1.5.2 sources have the newest
version, which came out in the last few days.