![[LWN Logo]](/images/lcorner.png) |
|
![[LWN.net]](/images/Included.png) |
Date: Mon, 26 Mar 2001 13:32:38 -0800
From: Greg KH <greg@WIREX.COM>
Subject: Immunix OS Security update for openssh
To: BUGTRAQ@SECURITYFOCUS.COM
--VrqPEDrXMn8OVzN4
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
-----------------------------------------------------------------------
Immunix OS Security Advisory
Packages updated: openssh
Affected products: Immunix OS 6.2, 7.0-beta, and 7.0
Bugs Fixed: immunix/1511
Date: March 26, 2001
Advisory ID: IMNX-2001-70-009-01
Author: Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------
Description:
Solar Designer has posted an excellent analysis of problems in current
versions of numerous SSH protocol implementations. These problems can
allow an attacker that is monitoring encrypted SSH sessions to obtain
sensitive information. For more information on this, please see
http://www.securityfocus.com/archive/1/169840
WireX has released new versions of the OpenSSH packages that addresses
these problems. This is also the first available release of OpenSSH
for Immunix 6.2. All Immunix users are urged to upgrade to these new
packages.
Package names and locations:
Precompiled binary packages for Immunix 6.2 are available at:
http://immunix.org/ImmunixOS/6.2/updates/RPMS/openssh-2.5.2p2-1_StackGuard_2.i386.rpm
http://immunix.org/ImmunixOS/6.2/updates/RPMS/openssh-askpass-2.5.2p2-1_StackGuard_2.i386.rpm
http://immunix.org/ImmunixOS/6.2/updates/RPMS/openssh-askpass-gnome-2.5.2p2-1_StackGuard_2.i386.rpm
http://immunix.org/ImmunixOS/6.2/updates/RPMS/openssh-clients-2.5.2p2-1_StackGuard_2.i386.rpm
http://immunix.org/ImmunixOS/6.2/updates/RPMS/openssh-server-2.5.2p2-1_StackGuard_2.i386.rpm
Source package for Immunix 6.2 is available at:
http://immunix.org/ImmunixOS/6.2/updates/SRPMS/openssh-2.5.2p2-1_StackGuard_2.src.rpm
Precompiled binary packages for Immunix 7.0-beta and 7.0 are available at:
http://immunix.org/ImmunixOS/7.0/updates/RPMS/openssh-2.5.2p2-1_imnx_2.i386.rpm
http://immunix.org/ImmunixOS/7.0/updates/RPMS/openssh-askpass-2.5.2p2-1_imnx_2.i386.rpm
http://immunix.org/ImmunixOS/7.0/updates/RPMS/openssh-clients-2.5.2p2-1_imnx_2.i386.rpm
http://immunix.org/ImmunixOS/7.0/updates/RPMS/openssh-server-2.5.2p2-1_imnx_2.i386.rpm
Source package for Immunix 7.0-beta and 7.0 is available at:
http://immunix.org/ImmunixOS/7.0/updates/SRPMS/openssh-2.5.2p2-1_imnx_2.src.rpm
md5sums of the packages:
dd3c264aa42a3737057a31456ba2cbb3 openssh-2.5.2p2-1_StackGuard_2.i386.rpm
319be30c75be32c8e5caf218ae68d9e6 openssh-askpass-2.5.2p2-1_StackGuard_2.i386.rpm
c3b23e55e7e43c8f25cf53bca818007f openssh-askpass-gnome-2.5.2p2-1_StackGuard_2.i386.rpm
b13f9cb659916a912dc2c13bd7ecaa27 openssh-clients-2.5.2p2-1_StackGuard_2.i386.rpm
8a3386984e4de37e314a3ca9e9925c48 openssh-server-2.5.2p2-1_StackGuard_2.i386.rpm
a33741ce29faa75bc93601c568f68deb openssh-2.5.2p2-1_StackGuard_2.src.rpm
1ea6e409d96ad90d02d3523c46f58ffc openssh-2.5.2p2-1_imnx_2.i386.rpm
bbc07d1db6b74c909e89c6ed672767ba openssh-askpass-2.5.2p2-1_imnx_2.i386.rpm
28e9e9d368f6357a80ac1a90c61c4dae openssh-clients-2.5.2p2-1_imnx_2.i386.rpm
611b75b709ac04f93e21f680ac4e3ee1 openssh-server-2.5.2p2-1_imnx_2.i386.rpm
20ca2ae3fa8fbc71b5eca9eea30dc438 openssh-2.5.2p2-1_imnx_2.src.rpm
Online version of all Immunix 6.2 updates and advisories:
http://immunix.org/ImmunixOS/6.2/updates/
Online version of all Immunix 7.0-beta updates and advisories:
http://immunix.org/ImmunixOS/7.0-beta/updates/
Online version of all Immunix 7.0 updates and advisories:
http://immunix.org/ImmunixOS/7.0/updates/
NOTE:
Ibiblio is graciously mirroring our updates, so if the links above are
slow, please try:
ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
or one of the many mirrors available at:
http://www.ibiblio.org/pub/Linux/MIRRORS.html
--VrqPEDrXMn8OVzN4
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6v7V1Al5ylTeuKpURAs6AAKCHGUIt6bHPD+08zDmdcQrudt9CCgCeKrh/
suMdJDCwahRpzcplEFRrMgM=OX4l
-----END PGP SIGNATURE-----
--VrqPEDrXMn8OVzN4--