LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

NLUUG/ELCE: Embedded devices and free software

The sad story of the em28xx driver

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Eridani alert ERISA-2002:025 (openssh)



From:
    	      Eridani Star System <linux@eridani.co.uk>


To:
    	      eridani-announce@eridani.co.uk


Subject:
    	      [Eridani-Announce] ERISA-2002:025 - openssh


Date:
    	      Sun, 23 Jun 2002 22:47:36 +0100 (BST)



=========================================================================
		ERIDANI LINUX - SECURITY ANNOUNCEMENT
=========================================================================

Package:	openssh
Summary:	Safeguard: Privilege separation in OpenSSH
Date:		2002-06-23
ID:		ERISA-2002:025

=========================================================================

Problem description:

  The new version of OpenSSH now splits itself into two processes, the one
  that handles the network connections is unprivileged.  For a complete
  explanation, please check the references below.

  The practical upshot of this is it contains the effects of possible
  programming errors.  A bug in the unprivileged child process does not
  result in a system compromise. It is this unprivileged process that
  handles the network connections.

  This advisory supercedes ERISA-2002:017, and the old packages have been
  removed from the FTP server.

-------------------------------------------------------------------------
Updated packages:

  6d225e46523cb3883539b580ec8e5b8c  openssh-3.3p1-1.src.rpm

  43f0e1e1342eeb48704b255e442413c  openssh-3.3p1-1.i386.rpm
  d389c936bac33210c328ff643262199a  openssh-askpass-3.3p1-1.i386.rpm
  0684a9990f8ba8e3dd61f59b7add5d00  openssh-askpass-gnome-3.3p1-1.i386.rpm
  75ffb8350bf16ca2d11b7f01e4a721b3  openssh-clients-3.3p1-1.i386.rpm
  3e21f4fc75d8c2cfd43ce0c7dea33554  openssh-server-3.3p1-1.i386.rpm

-------------------------------------------------------------------------
References:
  http://lwn.net/Articles/3184/
  http://www.citi.umich.edu/u/provos/ssh/privsep.html

=========================================================================

Packages available from ftp://ftp.eridani.co.uk/pub/Aeryn/
or by HTTP from http://ftp.eridani.co.uk/

Packages are signed with our GNU GPG key, also on our FTP site.

Users of releases of Eridani Linux prior to 6.3 are advised to download
the source RPM and rebuild for their system.

Copyright (C)2002 Eridani Star System

-- Michael "Soruk" McConnell                       http://www.eridani.co.uk
Eridani Linux  --  The Most Up-to-Date Red Hat-based Linux CDROMs Available
Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more...


_______________________________________________
Eridani-Announce mailing list
To be removed from this list email linux@eridani.co.uk requesting removal.
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds