Home page logo

bugtraq logo Bugtraq mailing list archives

OpenSSH 3.0.1 (fwd)
From: Jonas Eriksson <je () sekure net>
Date: Mon, 19 Nov 2001 18:23:53 +0100 (CET)

---------- Forwarded message ----------
Date: Mon, 19 Nov 2001 17:13:02 +0100
From: openssh () openbsd org
Reply-To: openssh-unix-dev () mindrot org
To: announce () openbsd org
Subject: OpenSSH 3.0.1

OpenSSH 3.0.1 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.

We would like to thank the OpenSSH community for their continued
support and encouragement.

Important Changes:

        A security hole that may allow an attacker to authenticate
        if -- and only if -- the administrator has enabled KerberosV.
        By default, OpenSSH KerberosV support only becomes active
        after KerberosV has been properly configured.

        An excessive memory clearing bug (which we believe to be
        unexploitable) also exists, but since this may cause daemon
        crashes, we are providing a fix as well.

        Various other non-critical fixes (~& support and more).

OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller and Ben Lindstrom.

  By Date           By Thread  

Current thread:
  • OpenSSH 3.0.1 (fwd) Jonas Eriksson (Nov 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]