From owner-freebsd-questions  Tue Jun 25 10:36:20 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from dragoncrest.jasnetworks.net (dragoncrest.jasnetworks.net [65.194.254.12])
	by hub.freebsd.org (Postfix) with ESMTP id 95AE837B403
	for <freebsd-questions@freebsd.org>; Tue, 25 Jun 2002 10:35:57 -0700 (PDT)
Received: from works (works.jasnetworks.net [192.168.0.2])
	by dragoncrest.jasnetworks.net (8.12.3/8.11.6) with ESMTP id g5PHlbgh094832;
	Tue, 25 Jun 2002 13:47:38 -0400 (EDT)
	(envelope-from raiden23@netzero.net)
Message-Id: <4.2.0.58.20020625134233.009992b0@pop.netzero.net>
X-Sender: raiden23@pop.netzero.net
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 
Date: Tue, 25 Jun 2002 13:43:33 -0400
To: Christopher Schulte <schulte+freebsd@nospam.schulte.org>,
	Marco Radzinschi <marco@radzinschi.com>,
	FreeBDS-Questions <freebsd-questions@freebsd.org>
From: Lord Raiden <raiden23@netzero.net>
Subject: Re: Upcoming OpenSSH vulnerability (fwd)
In-Reply-To: <5.1.1.6.2.20020624224948.02923518@pop3s.schulte.org>
References: <20020624234646.G22328-100000@mail.radzinschi.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

         Ok, well we're still running OpenSSH 3.1 from the last security 
upgrade recommendation.  Should we go straight to 3.3 or wait for the final 
fix?

         Secondly how do you enable this priv separation thing in the 
config file?  I'm unfamiliar with that.

At 10:51 PM 6/24/02 -0500, Christopher Schulte wrote:
>At 11:47 PM 6/24/2002 -0400, Marco Radzinschi wrote:
>
>>I thought this might be of interest to some people on the list...
>>
>>---------- Forwarded message ----------
>>Date: Mon, 24 Jun 2002 15:00:10 -0600
>>From: Theo de Raadt <deraadt@cvs.openbsd.org>
>>To: bugtraq@securityfocus.com
>>Cc: dsi@iss.net, announce@openbsd.org, misc@openbsd.org
>>Subject: Upcoming OpenSSH vulnerability
>>
>>There is an upcoming OpenSSH vulnerability that we're working on with
>>ISS.  Details will be published early next week.
>
>[snip]
>
>Check over on -security, there is a very heated discussion happening right 
>now.
>
>--
>Christopher Schulte
>http://www.schulte.org/
>Do not un-munge my @nospam.schulte.org
>email address.  This address is valid.
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message


- The Raiden Knows

"Remember amateurs built the ark  -- professionals built the Titanic." - 
Unknown

"Just when you think you have life figured out and all is going well, watch 
your step, for you are about to fall." - Ancient Proverb

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message