From owner-freebsd-security Mon Jun 24 19:33:19 2002 Delivered-To: freebsd-security@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 1488637B401 for ; Mon, 24 Jun 2002 19:33:13 -0700 (PDT) Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.3/8.12.3) with ESMTP id g5P2XCDK009483; Mon, 24 Jun 2002 22:33:12 -0400 (EDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.3/8.12.3/Submit) id g5P2XBZi009480; Mon, 24 Jun 2002 22:33:11 -0400 (EDT) (envelope-from wollman) Date: Mon, 24 Jun 2002 22:33:11 -0400 (EDT) From: Garrett Wollman Message-Id: <200206250233.g5P2XBZi009480@khavrinen.lcs.mit.edu> To: Chris BeHanna Cc: FreeBSD Security Subject: Re: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd) In-Reply-To: <20020624212557.R7245-100000@topperwein.dyndns.org> References: <20020624163538.H10398-100000@yez.hyperreal.org> <20020624212557.R7245-100000@topperwein.dyndns.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > Result: it's possible to completely prevent the window of > vulnerability that usually exists between the announcement of an > exploit and the availability of a fix for same. Only if you run absolutely stock, bog-standard OpenSSH. Many of us have different operational requirements. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message