linux security - Jun 1998 - SSH security hole found

>From http://lwn.net/#security
  A vulnerability present in the SSH software package can allow an
  attacker to execute arbitrary commands on the SSH server.  To protect
  against this, immediately upgrade to ssh 1.2.25. Red Hat ssh-1.2.25 RPMs
  are available, as is the Debian ssh-1.1.25 package for hamm (Debian
  2.0-to-be).

  There are SSH 1.2.25 RPMs here:
 
 	ftp://ftp.fi.muni.cz/pub/ssh/local-fi.muni.cz/linux/

  The Debian ssh-1.2.25 package is available at:

 	ftp://ftp.lh.umu.se/pub/linux/debian-non-US/unstable/binary-i386/

(plagarized directly from the web page in question)

- Sam

"That which does not destroy me, makes me stronger" -- Nietzsche

On Fri, 19 Jun 1998 samboy@mr.samiam.org wrote:
> >From http://lwn.net/#security
> 
>   A vulnerability present in the SSH software package can allow an
>   attacker to execute arbitrary commands on the SSH server.  To protect
>   against this, immediately upgrade to ssh 1.2.25. Red Hat ssh-1.2.25 RPMs
>   are available, as is the Debian ssh-1.1.25 package for hamm (Debian
>   2.0-to-be).
Do you/they mean http://www.core-sdi.com/ssh/ssh-advisory.txt this ?