From:	 dburcaw@newhope.terraplex.com
To:	 yellowdog-updates@lists.yellowdoglinux.com
Subject: [yellowdog-updates] Yellow Dog Linux Security Advisory: YDU-20020309-1
Date:	 10 Mar 2002 00:42:15 -0000

Yellow Dog Linux Security Announcement
--------------------------------------

Package:      openssh
Issue Date:   March 09, 2002
Priority:     high
Advisory ID:  YDU-20020309-1


1. 	Topic:

	Updated openssh packages fix a potential remote root exploit in sshd.


2. 	Problem:

	"Joost Pol has discovered an off-by-one error in all versions of the
	OpenSSH daemon (sshd) prior to version 3.1.

	This issue could allow an authenticated user to cause sshd to corrupt
	its heap, potentially allowing arbitrary code to be executed on the remote
	server.  Alternatively, a malicious SSH server could be crafted to attack
	a vulnerable OpenSSH client.  

	Users are advised to upgrade to these errata packages containing OpenSSH
	3.1, which is not vulnerable to this issue.

	The Common Vulnerabilities and Exposures project (cve.mitre.org) has
	assigned the name CAN-2002-0083 to this issue."
	(from Red Hat's advisory)


3. 	Solution:

	a) Updating via yup...
	We suggest that you use the Yellow Dog Update Program (yup)
	to keep your system up-to-date. The following command(s) will
	automatically retrieve and install the fixed version of
	this update onto your system:

		yup update openssh
		yup update openssh-askpass
		yup update openssh-askpass-gnome
		yup update openssh-clients
		yup update openssh-server

	b) Updating manually...
	The update can also be retrieved manually from our ftp site
	below along with the rpm command that should be used to install
	the update.  (Please use a mirror site)

		ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-2.1/ppc/
		rpm -Fvh openssh-3.1p1-2.ppc.rpm
		rpm -Fvh openssh-askpass-3.1p1-2.ppc.rpm
		rpm -Fvh openssh-askpass-gnome-3.1p1-2.ppc.rpm
		rpm -Fvh openssh-clients-3.1p1-2.ppc.rpm
		rpm -Fvh openssh-server-3.1p1-2.ppc.rpm

4. Verification

MD5 checksum			  Package
--------------------------------  ----------------------------
867fe04ffa1287cdf41c11b54c637476  ppc/openssh-3.1p1-2.ppc.rpm
728a3c16c461f4ba2bcac8cfaee1991f  ppc/openssh-askpass-3.1p1-2.ppc.rpm
83861f3c3b2b989915488d2b2cbfdc25  ppc/openssh-askpass-gnome-3.1p1-2.ppc.rpm
8751a43409127dff1d5848e4209b764d  ppc/openssh-clients-3.1p1-2.ppc.rpm
f648310c47d1a32a52a948b7e48a4533  ppc/openssh-server-3.1p1-2.ppc.rpm
f18dc5e67596b5504f2ccc9cfaf7b6cf  SRPMS/openssh-3.1p1-2.src.rpm

If you wish to verify that each package has not been corrupted or tampered with,
compare its md5sum against the table above, and check the digests stored inside the
package with the following command: rpm --checksig --nogpg filename
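
Checking the downloaded files against the advisory's table before running rpm -Fvh is
easy to script. The following shell function is an added example, not part of this
advisory or of yup; it assumes GNU md5sum is on the path and that section 4's table
has been saved to a text file as-is (the header and dashed line are skipped).

```shell
#!/bin/sh
# Added example (not from the advisory): verify downloaded update packages
# against the MD5 table published in the advisory before installing them.
# Assumes GNU coreutils md5sum.

# verify_advisory_checksums TABLE DIR
#   TABLE: file containing the advisory's "MD5 checksum  Package" lines
#   DIR:   directory holding the downloads (with ppc/ and SRPMS/ subdirs)
# Returns 0 only if every listed package exists and its MD5 matches;
# a missing or mismatching file is reported and makes the result 1.
verify_advisory_checksums() {
    table=$1
    dir=$2
    rc=0
    # The here-document (not a pipe) keeps the loop in the current shell,
    # so changes to rc survive the loop.
    while read -r expected pkg; do
        [ -z "$expected" ] && continue          # blank line from empty grep
        f="$dir/$pkg"
        if [ ! -f "$f" ]; then
            echo "MISSING  $pkg"
            rc=1
            continue
        fi
        actual=$(md5sum "$f" | cut -d' ' -f1)
        if [ "$actual" = "$expected" ]; then
            echo "OK       $pkg"
        else
            echo "MISMATCH $pkg (advisory: $expected, file: $actual)"
            rc=1
        fi
    done <<EOF
$(grep -E '^[0-9a-f]{32}[[:space:]]+' "$table")
EOF
    return $rc
}

# Usage (run by hand, after downloading into ./downloads/ppc):
#   verify_advisory_checksums advisory-md5.txt ./downloads \
#       && rpm --checksig --nogpg downloads/ppc/*.rpm \
#       && rpm -Fvh downloads/ppc/*.rpm
```

The rpm commands only run if every checksum in the table matched, so a truncated or swapped download stops the update instead of being installed.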


5. Misc.

Terra Soft has set up a moderated mailing list where these security, bugfix, and package
enhancement announcements will be posted. See http://lists.yellowdoglinux.com/ for more
information.

For information regarding the usage of yup, the Yellow Dog Update Program, see
http://www.yellowdoglinux.com/support/solutions/ydl_general/yup.shtml