Date: Fri, 25 Feb 2005 21:08:03 +0100 From: Phil Schulz <ph.schulz@gmx.de> To: David Newman <wo_shi_big_stomach@yahoo.com> Cc: freebsd-questions@freebsd.org Subject: Re: updating system version of OpenSSH Message-ID: <421F85A3.1060406@gmx.de> In-Reply-To: <20050225195523.13893.qmail@web90103.mail.scd.yahoo.com> References: <20050225195523.13893.qmail@web90103.mail.scd.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 02/25/05 20:55, David Newman wrote: > What is the procedure for patching/updating system > version of OpenSSH on an FBSD 5.2.1 box? > If you can't afford to upgrade the base OS and you do not want to install OpenSSH from the ports, then you'll need to specify what vulnerability you are talking about. I checked the FreeBSD security advisories which *could* apply to your problem and it seems that FreeBSD-SA-04:05.openssl is the one you might be talking about. A patch is included with the advisory along with instructions on how to apply the patch and fix the issue. ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc Regards, Phil. > I used the excellent Rootkit Hunter security > assessment tool: > > http://www.rootkit.nl/projects/rootkit_hunter.html > > and it found that I'm running OpenSSH 3.6.1p1, which > has at least one vulnerability. > > I only know how to install/upgrade from ports. OpenSSH > is part of the ports collection, but the build I'm > running was included with the OS. > > What's the right way to proceed here? > > thanks > > /wsbs >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?421F85A3.1060406>