Date: Fri, 25 Feb 2005 15:15:06 -0500 From: "greg@grokking.org" <greg@grokking.org> To: freebsd-questions@freebsd.org Subject: Re: updating system version of OpenSSH Message-ID: <421F874A.4030307@grokking.org> In-Reply-To: <20050225195523.13893.qmail@web90103.mail.scd.yahoo.com> References: <20050225195523.13893.qmail@web90103.mail.scd.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
David Newman wrote: > What is the procedure for patching/updating system > version of OpenSSH on an FBSD 5.2.1 box? > > I used the excellent Rootkit Hunter security > assessment tool: > > http://www.rootkit.nl/projects/rootkit_hunter.html > > and it found that I'm running OpenSSH 3.6.1p1, which > has at least one vulnerability. > > I only know how to install/upgrade from ports. OpenSSH > is part of the ports collection, but the build I'm > running was included with the OS. > > What's the right way to proceed here? > > thanks > Someone please correct me if I'm wrong on this but I believe rkhunter is just checking the version 3.6.1 and doesn't account for the 'p1' part which refers to a FBSD patch that corrected the vulnerability rkhunter is referring to. IOW, I don't think you need to update ssh on 5.2.1 if your motive is merely that rkhunter flagged it. To be sure, check the older security advisories at freebsd.org and I bet you'll find a reference to it. G
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?421F874A.4030307>