[LWN Logo]
[Timeline]
Date:         Wed, 15 Nov 2000 03:54:15 -0600
From:         Bryan Paxton <bpaxton@SECURITYPORTAL.COM>
Subject:      LSLID:20001115 - Kondara - OpenSSH
To:           LINUX-SECURITY@LISTSERV.SECURITYPORTAL.COM

LSLID:20001115

openssh(2000/11/15)

      Description

             the "openssh" packages distributed as "Kondara MNU/Linux 1.2 Nonfree" have security hole related X11 forwarding. you should
           upgrade these packages or clear this problem (See Reference below)

      RPMS/SRPMS
alpha:
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/alpha/openssh-2.3.0p1-4k.alpha.rpm
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/alpha/openssh-askpass-2.3.0p1-4k.alpha.rpm
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/alpha/openssh-askpass-gnome-2.3.0p1-4k.alpha.rpm
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/alpha/openssh-clients-2.3.0p1-4k.alpha.rpm
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/alpha/openssh-server-2.3.0p1-4k.alpha.rpm

i586:
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/i586/openssh-2.3.0p1-4k.i586.rpm
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/i586/openssh-askpass-2.3.0p1-4k.i586.rpm
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/i586/openssh-askpass-gnome-2.3.0p1-4k.i586.rpm
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/i586/openssh-clients-2.3.0p1-4k.i586.rpm
ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/i586/openssh-clients-2.3.0p1-4k.i586.rpm

SRPMS:
ftp://ftp.jaist.ac.jp/os/linux/kondara/Kondara-1.2/errata/SRPMS/openssh-2.3.0p1-4k.nosrc.rpm

References
           http://lwn.net/daily/openssh-bug.php3