Hi All, Please direct me to the code changes for above vulnerabilities. We don't have a vendor but we use Openssh in our software. So can't upgrade it right now. Regards Abhishek On Tue, Mar 8, 2016 at 7:08 PM, Martin Hecht <hecht@xxxxxxx> wrote: > > Was that ssh shipped with your OS distribution? If yes, it might already > be patched if you have installed the OS security patches. Check with > your OS vendor. > > On 03/08/2016 02:19 PM, abhi dhiman wrote: > > Hi Gert, > > > > Thanks for your reply. > > > > But we can't upgrade to 7.2 version also we don't have plan to upgrade in > > near future. Can I fix these vulnerabilities in the current version? > > > > Regards > > Abhishek > > > > On Tue, Mar 8, 2016 at 6:42 PM, Gert Doering <gert@xxxxxxxxxxxxxx> > wrote: > > > >> Hi, > >> > >> On Tue, Mar 08, 2016 at 06:14:01PM +0530, abhi dhiman wrote: > >>> Actually I am working with the OpenSSH version 6.2p which is vulnerable > >> to > >>> above mentioned vulnerabilities. > >>> > >>> So am looking for some help how I can fix these vulnerabilities in my > >>> version. I need to fix it in the OpenSSH code. > >> "Upgrade to 7.2"? > >> > >> gert > >> -- > >> USENET is *not* the non-clickable part of WWW! > >> // > >> www.muc.de/~gert/ > >> Gert Doering - Munich, Germany > >> gert@xxxxxxxxxxxxxx > >> fax: +49-89-35655025 > >> gert@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx > >> > > > > > > > -- abhi~dhiman _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev