Contributed by jose on from the secure dept.
OpenBSD is not affected. Not at all. This is for two reasons. The first is that Pcap and Tcpdump are brought in only periodically and after a thorough code review. Many eyes have read the code, including Espie, Itojun, Provos, and others. Secondly, OpenBSD rolls its own build system (for pcap and tcpdump ). The trojan affected the configure script and was activated at build time.
If you are building tools which use pcap (such as Snort in ports) you're most likely using the system's pcap. As such, you don't need to download the pcap distribution and are not downloading a trojanned archive.
(Comments are closed)