Jim:
On June 27, Red Hat released openssh-3.1p1-6. There was a security
problem in some non-default configurations that was addressed by this
release. Can you demonstrate that this release of openssh is insecure?
If so, then you need to contact Red Hat. They'll fix it, believe me.
Like most companies these days, they really jump when security is
involved. One way to contact them is through Bugzilla
https://bugzilla.redhat.com/bugzilla/. It's a reall bitch in lynx,
though.
HTH and 73.
Bill
On Thu, 18 Jul 2002 jwantz at hpcc2.hpcc.noaa.gov wrote:
> Hi Ryan,
> Your problem probably lies in your /etc/apt/sources.list file its
> pointing to some directories that no longer exist. For the moment I'd
> comment out all references that are not referring to freshrpms.
> Incidentally, I registered on Redhat network yesterday try: rhn_register
> and up2date works fine, but I still like apt4rpm better. By the way,
> Redhat Network did not have the latest upgrades to openssh, which
> considering the vulnerabilities in releases 2.3 through 3.31 is not very
> good. Redhat is calaiming that they don't have a problem, but this is
> not so!
