Contributed by Dengue on from the bits-of-crytped-fishies dept.
Subject: OpenSSH 3.0.1
Date: Mon, 19 Nov 2001 17:13:02 +0100
CC: email@example.com, firstname.lastname@example.org,
OpenSSH 3.0.1 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
We would like to thank the OpenSSH community for their continued
support and encouragement.
A security hole that may allow an attacker to authenticate
if -- and only if -- the administrator has enabled KerberosV.
By default, OpenSSH KerberosV support only becomes active
after KerberosV has been properly configured.
An excessive memory clearing bug (which we believe to be
unexploitable) also exists, but since this may cause daemon
crashes, we are providing a fix as well.
Various other non-critical fixes (~& support and more).
OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller and Ben Lindstrom.
(Comments are closed)