[MBT] new ticket for pkg openssh "CAN-2003-0190"
bugs at pld-linux.org
bugs at pld-linux.org
Wed Nov 26 10:24:02 CET 2003
Date: 2003-11-26 10:24:01+01 Author: (kreutzm) <kreutzm at itp.uni-hannover.de>
Title: CAN-2003-0190
Ticket ID: #777
Ticket URL: http://bugs.pld-linux.org/?bug=777
Package: openssh-1:3.2.3p1-3
Distribution: PLD-1.0.main
Category: security problem
Current state: opened
Text:
This is a little older, but the changelog does not mention it. Can you check if it is applied? A quick "check" as suggested in
http://lab.mediaservice.net/advisory/2003-01-openssh.txt
indicates that PLD is not vulnerable (anymore) but they list many (common) vendors which were vulnerable.
Maybe it ist he changelog entry labeld "CRITICAL SECURITY FIX; UPGRADE *NOW*" (which is not very helpfull, because it does not tell which security problem was fixed and I only see it *after* I installed it, hence it is useless in its current form).
More information about the pld-bugs
mailing list