OpenSSH 3.4p1 trojaned -- RH/Debian OK?
[link|http://docs.freebsd.org/cgi/getmsg.cgi?fetch=394609+0+current/freebsd-security|].
What's not provided here is information on what the MD5sums of the
binaries are.
This is the md5 checksum of the openssh-3.4p1.tar.gz in the FreeBSD
ports system:
MD5 (openssh-3.4p1.tar.gz) = 459c1d0262e939d6432f193c7a4ba8a8
This is the md5 checksum of the trojaned openssh-3.4p1.tar.gz:
MD5 (openssh-3.4p1.tar.gz) = 3ac9bc346d736b4a51d676faa2a08a57
Edwin
Nothing at Red Hat or Debian's pages. Latest releases of both (7.3 and Woody or testing/unstable respectively) are running 3.4p1-
something, and I suspect it's the 'something' that's important.
--
Karsten M. Self [link|mailto:kmself@ix.netcom.com|kmself@ix.netcom.com]
[link|http://kmself.home.netcom.com/|[link|http://kmself.home.netcom.com/|http://kmself.home.netcom.com/]]
What part of "gestalt" don't you understand?
[link|http://twiki.iwethey.org/twiki/bin/view/Main/|TWikIWETHEY] -- an experiment in collective intelligence. Stupidity. Whatever.
Keep software free. Oppose the CBDTPA. Kill S.2048 dead.
[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|[link|http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html|http://www.eff.org/...a_alert.html]]