[Gllug] [Fwd: SSH Security Advisory: Centos (and other distros)]
Nix
nix at esperi.org.uk
Thu Jul 9 23:05:03 UTC 2009
On 8 Jul 2009, Andy Millar stated:
> On Wed, 2009-07-08 at 08:23 +0100, Jon Fautley wrote:
>>
>> So you've got an email from someone asking you to go and install some
>> "random" SSH RPMs from a non-vendor site, because of a security hole
>> they're not disclosing (or, in fact, confirming)?
>
> Given that we have Red Hat Employees people on this list, can anyone
> from Red Hat actually confirm or deny that this is an issue.
Damien Miller (the Portable OpenSSH maintainer) doesn't know what it is,
so how could you expect anyone else to?
There are basically no useful details right now, and a lot of
speculation that the various transcripts may have been manipulated
after capture.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list