Re: Need Help to Fix CVE-2008-1483, CVE-2008-5161, CVE-2015-5600 and CVE-2015-6565

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi All,

Please direct me to the code changes for above vulnerabilities.
We don't have a vendor but we use Openssh in our software. So can't upgrade
it right now.

Regards
Abhishek

On Tue, Mar 8, 2016 at 7:08 PM, Martin Hecht <hecht@xxxxxxx> wrote:

>
> Was that ssh shipped with your OS distribution? If yes, it might already
> be patched if you have installed the OS security patches. Check with
> your OS vendor.
>
> On 03/08/2016 02:19 PM, abhi dhiman wrote:
> > Hi Gert,
> >
> > Thanks for your reply.
> >
> > But we can't upgrade to 7.2 version also we don't have plan to upgrade in
> > near future. Can I fix these vulnerabilities in the current version?
> >
> > Regards
> > Abhishek
> >
> > On Tue, Mar 8, 2016 at 6:42 PM, Gert Doering <gert@xxxxxxxxxxxxxx>
> wrote:
> >
> >> Hi,
> >>
> >> On Tue, Mar 08, 2016 at 06:14:01PM +0530, abhi dhiman wrote:
> >>> Actually I am working with the OpenSSH version 6.2p which is vulnerable
> >> to
> >>> above mentioned vulnerabilities.
> >>>
> >>> So am looking for some help how I can fix these vulnerabilities in my
> >>> version. I need to fix it in the OpenSSH code.
> >> "Upgrade to 7.2"?
> >>
> >> gert
> >> --
> >> USENET is *not* the non-clickable part of WWW!
> >>                                                            //
> >> www.muc.de/~gert/
> >> Gert Doering - Munich, Germany
> >> gert@xxxxxxxxxxxxxx
> >> fax: +49-89-35655025
> >> gert@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> >>
> >
> >
>
>
>


-- 
abhi~dhiman
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux