Date: Fri, 2 Aug 2002 21:21:40 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: freebsd-questions@FreeBSD.ORG Subject: Re: ssh version after cvsup Message-ID: <20020802202140.GA54353@happy-idiot-talk.infracaninophi> In-Reply-To: <20020802163208.B1652@gicco.cablecom.ch> References: <20020801233516.A769@gicco.cablecom.ch> <20020802064431.GA51805@happy-idiot-talk.infracaninophi> <20020802163208.B1652@gicco.cablecom.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 02, 2002 at 04:32:08PM +0200, Hanspeter Roth wrote: > On Aug 02 at 07:44, Matthew Seaman spoke: > > > On Thu, Aug 01, 2002 at 11:35:16PM +0200, Hanspeter Roth wrote: > > > > > which ssh version will I get after cvsuping to RELENG_4_6? > > > > OpenSSH 3.4p1 > > > > http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/version.h?rev=1.1.1.1.2.8.2.1&content-type=text/x-cvsweb-markup&only_with_tag=RELENG_4_6 > > Ok. Thank you. > Is there a means to ensure it has not been trojaned? By installing via 'make buildworld' of the FreeBSD sources? The trojan consisted of an extra file and some modifications to the OpenSSH Makefile --- neither of which were checked into the FreeBSD CVS repository. Even if you're installing from ports, so long as you don't override the checksum tests, you'll be OK. I believe it was because of the ports that the trojan was discovered. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way Tel: +44 1628 476614 Marlow Fax: +44 0870 0522645 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020802202140.GA54353>