[Gllug] [Fwd: [SECURITY] [DSA-134-1] OpenSSH remote vulnerability]
Paul Nasrat
pauln at truemesh.com
Fri Jun 28 10:10:44 UTC 2002
On Fri, Jun 28, 2002 at 10:39:59AM +0100, Martyn Drake wrote:
> On 28 Jun 2002 08:28:17 +0100 Nix wrote:
>
> > ... and look out if you're upgrading from canonical sources, because
> > those sources haven't integrated Solar Designer's patch to allow
> > compression and privsep on Linux-2.2.
>
> Where does this patch live? I've been looking on Google, OpenSSH.org
> and just about everywhere and I'll be darned if I can find it.
OK quick browse at how Owl does things, patches/spec files/etc stored:
ftp://ftp2.ru.openwall.com/pub/Owl/current/native.tar.gz
native/Owl/packages/openssh/openssh.spec
native/Owl/packages/openssh/*.diff
I think the key ones are the mmap fallback patch, you might want to
compare with your upstream package patches with the others.
HTH
Paul
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list