Hi, We are using your product openssh 2.3.0p1 and we should upgrade to openssh 3.7.1p1 mainly for better SSH2 support but also for the bug reported on <http://www.kb.cert.org/vuls/id/333628> Is this problem located on the server side or on the client side, or both? Regards, Carin Andersson Software Developer Ericsson AB
"Carin Andersson (HF/EAB)" wrote:> We are using your product openssh 2.3.0p1 and we should upgrade to openssh 3.7.1p1 mainly for > better SSH2 support but also for the bug reported on > <http://www.kb.cert.org/vuls/id/333628> > Is this problem located on the server side or on the client side, or both?That particular bug is on the server side. There are other security bugs that have been fixed between 2.3.0p1 and 3.7.1p2 (which is the latest release, not 3.7.1p1). -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.