[FUG-BR] [FYI] Fwd: De Raadt + FBSD + OpenSSH + hole?

Welkson Renny de Medeiros welkson em gmail.com
Terça Abril 15 11:50:01 BRT 2014


Pessoal,

Desculpe-me pela pergunta newbie, mas o OpenSSH que o FreeBSD usa não é o
MESMO do OpenBSD? Ou o FreeBSD fez algum tipo de "fork"?

". as long as you aren't using FreeBSD or a derivative (hint: Jupiper),
you are fine.  That's the only place I know of an OpenSSH hole. "

flames > /dev/null (saudoso Irado =)

Welkson



---------- Forwarded message ----------
From: Todor Todorov <todorov em paladin.bulgarpress.com>
Date: 2014-04-13 19:38 GMT-03:00
Subject: De Raadt + FBSD + OpenSSH + hole?
To: freebsd-security em freebsd.org


Hi everyone,
I came across this :

https://groups.google.com/forum/#!topic/mailing.openbsd.tech/xALfxxR3oKo

" You are welcome.  Stuart Henderson wrote the draft, but he forgot that
part, and Damien Miller and I realized it was needed.  We sensed there
might be some ambiguity...  we'll take care the next time an
OpenOffice problem also.

... as long as you aren't using FreeBSD or a derivative (hint: Jupiper),
you are fine.  That's the only place I know of an OpenSSH hole.

Oh now I sense some angst.  Please ask Kirk McKusick, he knows the
story about why this is not being disclosed to FreeBSD.  Sometimes I
feel a bit sorry for them (and for him), but then the next minute I
don't feel sorry because there's damn good reasons they won't be
told about what I found.

Does that answer help?  Hope so."

Any guidance here?
_______________________________________________
freebsd-security em freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe em freebsd.org"


Mais detalhes sobre a lista de discussão freebsd