netbsd-announce: upgrade openssh to 3.3, or 3.2.1 + privilege separation

Subject: upgrade openssh to 3.3, or 3.2.1 + privilege separation
To: None <netbsd-announce>
From: None <itojun@iijlab.net>
List: netbsd-announce
Date: 06/25/2002 11:29:49

There was recently an annoucement of an openssh security problem.

A full fix will be available next week, and until then, it is
advised that you run the openssh daemon (sshd) with privilege
separation enabled.

Here is some advice for users of various versions of NetBSD:

	1.4/1.5 users - use pkgsrc. ie: pkgsrc/security/openssh/Makefile
					revision 1.73 (openssh-3.3.0.1).
	1.6_BETAx users - openssh shipped with 1.6_BETAx 3.2.1, with
		privilege separation enabled.
	current users - openssh shipped with current is 3.3, with
		privilege separation enabled.

itojun