1 |
Hi, |
2 |
|
3 |
I haven't seen anything in bugs or this list about this, so here is the |
4 |
news: |
5 |
CERT have issued an advisory about OpenSSH, the bug in question enables |
6 |
existing users to gain root privelidges. |
7 |
The advisory is here: http://www.pine.nl/advisories/pine-cert-20020301.txt |
8 |
The fix is to upgrade to the latest OpenSSH (3.1p1) ASAP. |
9 |
May I politely suggest that a new ebuild be constructed post-haste? :) |
10 |
Anyway, for those at risk, I have constructed an emergency ebuild and |
11 |
digest file, so you may upgrade immediately. |
12 |
The files can be found here: http://www.cdavies.org/gentoo/ |
13 |
|
14 |
Put the digest file in /usr/portage/net-misc/openssh/files and the |
15 |
ebuild in /usr/portage/net-misc/openssh and rerun emerge openssh. |
16 |
|
17 |
If anyone thinks it is worthwhile, I will also post this message to the |
18 |
gentoo users list, but at present I'm not going to do that. |
19 |
Thanks, |
20 |
C.Davies |
21 |
(c.davies@×××××××.org) |