Date: 16 Sep 2003 15:26:08 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.no-ip.com> To: Johan Paul <mailing-lists@johanpaul.com> Cc: freebsd-questions@freebsd.org Subject: Re: Upgrading sshd? Message-ID: <44u17cr0vj.fsf@be-well.ilk.org> In-Reply-To: <3F67392B.5010200@johanpaul.com> References: <3F67392B.5010200@johanpaul.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Johan Paul <mailing-lists@johanpaul.com> writes: > Refering to the latest sshd vurnability > (http://slashdot.org/articles/03/09/16/1327248.shtml?tid=126&tid=172) > I was thinking of upgradeing my sshd as well. So I cvsup'ed my system > (FBSD 4.8) and there seems to be a updated file for sshd. But how do I > upgrade sshd safly since when I type 'pkg_info |grep ssh' it return no > packages. I guess sshd is included somehow by the default install (??) > but how can I now upgrade it? I was thinking of portupgrade, but it > needs a package to upgrade... Right. openssh is part of the base system, and not normally installed as a package. There is a security advisory newly out on the usual FreeBSD mailing lists, and it gives instructions on fixing just this one problem, but it's probably better to update the whole system when you get a chance. [Note that this vulnerability does *not* give attackers an opportunity to run their code on your system.]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44u17cr0vj.fsf>