OpenSSH vulnerability
Bruno Wolff III
bruno at wolff.to
Fri May 22 04:55:39 UTC 2009
On Thu, May 21, 2009 at 15:46:56 -0700,
Konstantin Svist <fry.kun at gmail.com> wrote:
> See http://news.zdnet.com/2100-9595_22-303182.html
> Apparently all versions under 5.2 (released back in February 23rd) are
> vulnerable.
>
> OpenSSH is at 5.1p1-3.fc10 in the Fedora repos. Don't see 5.2 even in
> updates-testing. When will it become available?
Unless you are using automated reconnection after broken connections this
attack isn't a big deal. It's not like you aren't going to notice someone
trying it for normal interactive sessions.
More information about the fedora-list
mailing list