Re: Need Help to Fix CVE-2008-1483, CVE-2008-5161, CVE-2015-5600 and CVE-2015-6565

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Was that ssh shipped with your OS distribution? If yes, it might already
be patched if you have installed the OS security patches. Check with
your OS vendor.

On 03/08/2016 02:19 PM, abhi dhiman wrote:
> Hi Gert,
>
> Thanks for your reply.
>
> But we can't upgrade to 7.2 version also we don't have plan to upgrade in
> near future. Can I fix these vulnerabilities in the current version?
>
> Regards
> Abhishek
>
> On Tue, Mar 8, 2016 at 6:42 PM, Gert Doering <gert@xxxxxxxxxxxxxx> wrote:
>
>> Hi,
>>
>> On Tue, Mar 08, 2016 at 06:14:01PM +0530, abhi dhiman wrote:
>>> Actually I am working with the OpenSSH version 6.2p which is vulnerable
>> to
>>> above mentioned vulnerabilities.
>>>
>>> So am looking for some help how I can fix these vulnerabilities in my
>>> version. I need to fix it in the OpenSSH code.
>> "Upgrade to 7.2"?
>>
>> gert
>> --
>> USENET is *not* the non-clickable part of WWW!
>>                                                            //
>> www.muc.de/~gert/
>> Gert Doering - Munich, Germany
>> gert@xxxxxxxxxxxxxx
>> fax: +49-89-35655025
>> gert@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>>
>
>


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux