OpenSSH vulnerability warning

[Christopher Murtagh]

 Just a heads up to anyone who might not have seen it:

http://marc.theaimsgroup.com/?l=openbsd-announce&m=102497569424297&w=2

http://slashdot.org/article.pl?sid=02/06/24/1912215&mode=thread&tid=167

 According to the above, if you aren't running OpenSSH 3.3, you will
probably want to upgrade ASAP and turn on UsePrivilegeSeparation. By the
sounds of it, there is a nasty exploit that will be made public soon.

 Tough luck for Terra Soft, this is the second OpenSSH vulnerability that
came right *after* a new YDL release. :-( So, when's YDL 2.4 coming out.
:-)

Cheers,

Chris

-- 

Christopher Murtagh
Webmaster / Sysadmin
Web Communications Group
McGill University
Montreal, Quebec
Canada

Tel.: (514) 398-3122
Fax:  (514) 398-2017