lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 30 Apr 2003 18:29:28 +1000
From: Darren Tucker <dtucker@....com.au>
To: BUGTRAQ@...URITYFOCUS.COM, openssh-unix-dev@...drot.org
Subject: Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)


Damien Miller wrote:
> 1. Systems affected:
>         Users of Portable OpenSSH prior to 3.6.1p2 on AIX are affected
>         if OpenSSH was compiled using a non-AIX compiler (e.g. gcc).

Hi All.

	For the last year or so I've published OpenSSH binary packages for AIX at
[1].

	I would like to advise all users of these packages that all versions up
to and including the 3.6.1p1 version *are* affected by this and have been
removed.

	A patched version (3.6.1p1-1) is available which addresses this issue.  I
urge all users of these packages to upgrade or apply the workaround
immediately.

		-Daz.

[1] http://www.zip.com.au/~dtucker/openssh/

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ