On Tue, Sep 16, 2003 at 08:58:24PM -0700, Bryan P wrote:
> On the distinguished day of Sep 16, Alan Horn wrote:
> 
> > On Tue, 16 Sep 2003, Mark wrote:
> ...
> > there is an OpenSSH advisory along with a patch to buffer.c describing
> > the vulnerability.
> >
> > http://www.openssh.com/txt/buffer.adv
> 
> Okay, so I've been watching this with the few spare cycles I've had today,
> firstly disabling sshd and secondly waiting for the security advisory.
> Since I haven't seen it yet, and would like to patch and reenable sshd as
> soon as possible, I'd like a quick 2-liner HOWTO... what do I need to do to
> be sure I've got the right patched sshd built?  I'm running 1.6.1_STABLE.
> 
> Basically, is it: cvs up -d in crypto/dist/ssh and make install?

what I did on my 1.6.1-ish box:

cd /usr/src
./build.sh -t   # make sure tools are up to date
cd /usr/src/crypto/dist/ssh
cvs -q update -dP
cd /usr/src/usr.bin/ssh
/usr/tools/bin/nbmake-i386      # your tools are probably elsewhere
sudo /usr/tools/bin/nbmake-386 install  # su to root if you don't have sudo
sudo /etc/rc.d/sshd restart


Hope this helps.

+j

-- 
Jeff Rizzo                                         http://boogers.sf.ca.us/~riz