[olug] OpenSSH updates for FreeBSD

Sean Kelly smkelly at zombie.org
Thu Sep 18 16:54:23 UTC 2003


On Thu, Sep 18, 2003 at 06:23:17AM -0500, neal rauhauser wrote:
> 
> 
>    There were a couple of updates for FreeBSD, but its not 3.7 - they're
> just patching 3.6.1 to deal with the problem - I believe its only half a
> dozen lines of code that needed attention.

FreeBSD will not be importing OpenSSH 3.7+ into any source tree until it
goes through -CURRENT first. They would much rather backport any necessary
patches than upgrade and have to deal with any possible upgrade pains
without any long-term testing.

>From what I gathered talking to the FreeBSD Security Officer, I believe
that the first set of OpenSSH patches released by OpenBSD were
"incomplete", only fixing the buffer issues in a single function. The
second patchset which has now been committed and MFC'd addresses the
problem in more places.  There was rumbling of there possibly being a third
patchset, but I haven't heard much about that lately. It will be
interesting to see if that really turns out to be the case.

>   And the cvsup servers are *open* now, unlike yesterday when it took
> four+ hours to get attached and pull the update.

Remember, there are many cvusp servers. If all else fails, there is a port
called fastest_cvsup that will find the fastest CVSup server for you. When
they are all full, cvsup12.freebsd.org still tends to be less full than the
other ones.

-- 
Sean Kelly         | PGP KeyID: D2E5E296
smkelly at zombie.org | http://www.zombie.org


More information about the OLUG mailing list