LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Trustix alert 2003-0036 (openssh)



From:
    	      Trustix Secure Linux Advisor <tsl@trustix.com>


To:
    	      tsl-announce@tslng.org


Subject:
    	      TSLSA-2003-0036 - openssh


Date:
    	      Mon, 29 Sep 2003 04:19:48 +0200



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2003-0036

Package name:      openssh
Summary:           Minor bugfixes
Date:              2003-09-27
Affected versions: TSL 1.2, 1.5, 2.0

- --------------------------------------------------------------------------
Package description:
  Ssh (Secure Shell) a program for logging into a remote machine and for
  executing commands in a remote machine.  It is intended to replace
  rlogin and rsh, and provide secure encrypted communications between
  two untrusted hosts over an insecure network.  X11 connections and
  arbitrary TCP/IP ports can also be forwarded over the secure channel.

  OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
  up to date in terms of security and features, as well as removing all
  patented algorithms to seperate libraries (OpenSSL).

Problem description:
  More cleanup patches not belived to be of any security matter, but
  still.

Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All TSL updates are available from
  <URI:http://www.trustix.net/pub/Trustix/updates/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Public testing:
  These packages have been available for public testing for some time.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailinglist.
  The testing tree is located at
  <URI:http://www.trustix.net/pub/Trustix/testing/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/testing/>

  You may also use swup for public testing of updates for TSL 2.0 and later:
  
  site {
      class = 0
      location = "http://snow.trustix.org/cloud/rdfs/latest.rdf"
      regexp = ".*"
  }
  

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.net/support/>


Verification:
  This advisory along with all TSL packages are signed with the TSL sign key.
  This key is available from:
  <URI:http://www.trustix.net/TSL-GPG-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.net/errata/trustix-1.2/>,
  <URI:http://www.trustix.net/errata/trustix-1.5/> and
  <URI:http://www.trustix.net/errata/trustix-2.0/>
  or directly at
  <URI:http://www.trustix.net/errata/misc/2003/TSL-2003-0036-openssh.asc.txt>


MD5sums of the packages:
- --------------------------------------------------------------------------
cdd7fbe95ce29e7986a0221281bd55dd  ./1.2/RPMS/openssh-3.1.0p1-7tr.i586.rpm
1c25a27b945b95244aad8ba67174f83b  ./1.2/RPMS/openssh-clients-3.1.0p1-7tr.i586.rpm
808f9e79c58ca5e59e97520e62852dbb  ./1.2/RPMS/openssh-server-3.1.0p1-7tr.i586.rpm
16c61042d2804ff58d238ec4c951334e  ./1.2/SRPMS/openssh-3.1.0p1-7tr.src.rpm
082c9e04ac3ddc7c9cfb5485fc87623c  ./1.5/RPMS/openssh-3.1.0p1-7tr.i586.rpm
43f0118586fce6165fc64cc0ad9ff89d  ./1.5/RPMS/openssh-clients-3.1.0p1-7tr.i586.rpm
a93c90cd2dbc88e1f6eafecec8fe3bb6  ./1.5/RPMS/openssh-server-3.1.0p1-7tr.i586.rpm
16c61042d2804ff58d238ec4c951334e  ./1.5/SRPMS/openssh-3.1.0p1-7tr.src.rpm
c6b2140f2d31890d997ac111bdbc1bb3  ./2.0/RPMS/openssh-3.6.1p2-5tr.i586.rpm
70e0f048977ab7e4f9258fd74ca01f3e  ./2.0/RPMS/openssh-clients-3.6.1p2-5tr.i586.rpm
041ed1eee2a15010cc6af4128403e166  ./2.0/RPMS/openssh-server-3.6.1p2-5tr.i586.rpm
aaf479bd9d626b7ff7d2888e4cb0a153  ./2.0/RPMS/openssh-server-config-3.6.1p2-5tr.i586.rpm
529ccaf089966ac90bbd3b5bb2596cb8  ./2.0/SRPMS/openssh-3.6.1p2-5tr.src.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/d4sywRTcg4BxxS0RAhYwAJ0WN5KmwaeNXCnmaxJTGgXV6etUvACeL/lt
Owo0n7fhUCIOqszO4sa5mBs=
=4xHh
-----END PGP SIGNATURE-----
_______________________________________________
tsl-announce mailing list
tsl-announce@tslng.org
http://www.tslng.org/mailman/listinfo/tsl-announce
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds