[29988] in bugtraq
Re: Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)
daemon@ATHENA.MIT.EDU (Darren Tucker)
Thu May 1 16:44:19 2003
Message-ID: <3EAF8968.7DBC1438@zip.com.au>
Date: Wed, 30 Apr 2003 18:29:28 +1000
From: Darren Tucker <dtucker@zip.com.au>
MIME-Version: 1.0
To: BUGTRAQ@securityfocus.com, openssh-unix-dev@mindrot.org
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Damien Miller wrote:
> 1. Systems affected:
> Users of Portable OpenSSH prior to 3.6.1p2 on AIX are affected
> if OpenSSH was compiled using a non-AIX compiler (e.g. gcc).
Hi All.
For the last year or so I've published OpenSSH binary packages for AIX at
[1].
I would like to advise all users of these packages that all versions up
to and including the 3.6.1p1 version *are* affected by this and have been
removed.
A patched version (3.6.1p1-1) is available which addresses this issue. I
urge all users of these packages to upgrade or apply the workaround
immediately.
-Daz.
[1] http://www.zip.com.au/~dtucker/openssh/
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
