[2579] in Release_7.7_team
Re: Emergency Athena 8.4.20 patch release right now
daemon@ATHENA.MIT.EDU (Christine Moulen)
Fri Feb 9 09:25:11 2001
Message-Id: <4.2.2.20010209092023.02f3b5c0@po11.mit.edu>
Date: Fri, 09 Feb 2001 09:25:06 -0500
To: release-team@mit.edu
From: Christine Moulen <orbitee@MIT.EDU>
In-Reply-To: <200102090332.WAA05790@egyptian-gods.MIT.EDU>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Would you know where I can get non-Athena-specific information on this
security hole? We have a couple of non-Athena Solaris servers running
sshd, and I run sshd on a Linux machine at home. I don't know whether
they'd be affected.
Thanks
At 10:32 PM 2/8/01 -0500, you wrote:
>Hi. A remotely exploitable security hole was recently found in the
>version of sshd we use on Athena. To address this issue, we've
>put out an emergency patch release to update sshd.
>
>If you have an AUTOUPDATE=false machine and want to take the patch
>release manually after it goes out, do a console login as root and run
>"update_ws".
>
>If you have a machine which runs sshd and cannot conveniently take the
>update, or a layered Linux machine, you can manually update your sshd
>binary by logging in as root and doing the following:
>
> ON SOLARIS OR IRIX:
>
> cp /srvd/etc/athena/sshd /etc/athena/sshd.new
> mv /etc/athena/sshd.new /etc/athena/sshd
> # Reboot if reasonable; otherwise restart sshd:
> kill `cat /var/athena/sshd.pid`
> sshd
>
> ON LINUX:
>
> rpm -U
> /afs/athena.mit.edu/system/rhlinux/athena-8.4/free/RPMS/athena-ssh-8.4-20.
> i386.rpm
> # Reboot if reasonable; otherwise restart sshd:
> kill `cat /var/athena/sshd.pid`
> sshd
>
>If you have an Athena 8.3 or earlier machine which runs sshd, please
>disable sshd for now (set SSHD=false in /etc/athena/rc.conf and "kill
>`cat /var/athena/sshd.pid`") and contact us if you need further
>support.
>
>Please send questions or comments to release-team@mit.edu.
Christine Moulen
Library Systems Manager
MIT Libraries, 14-0615
617-253-0757, fax 617-253-8894
orbitee@mit.edu