SSL Buffer Overflow Vulnerability
Patrick Boutilier
boutilpj at ednet.ns.ca
Thu May 27 10:49:36 UTC 2004
Chalonec Roger wrote:
> Our security folks detected an openSSH vulnerability in a fully patched
> FC1. They said that it was running version 3.7.0 and needed to go to
> 3.7.1 . Should this be the case if FC1 is fully patched? Can anyone
> point me to directions on how to upgrade to 3.7.1 or recommend a better
> openSSH version?
FC1 comes with OpenSSH_3.6.1p2 so if you are running 3.7.0 you installed
another version, perhaps from source.
>
> Thanks,
>
> Roger
>
>
>
>
>
More information about the fedora-list
mailing list