Need Help to Fix CVE-2008-1483, CVE-2008-5161, CVE-2015-5600 and CVE-2015-6565

Martin Hecht hecht at hlrs.de
Wed Mar 9 00:38:30 AEDT 2016


Was that ssh shipped with your OS distribution? If yes, it might already
be patched if you have installed the OS security patches. Check with
your OS vendor.

On 03/08/2016 02:19 PM, abhi dhiman wrote:
> Hi Gert,
>
> Thanks for your reply.
>
> But we can't upgrade to 7.2 version also we don't have plan to upgrade in
> near future. Can I fix these vulnerabilities in the current version?
>
> Regards
> Abhishek
>
> On Tue, Mar 8, 2016 at 6:42 PM, Gert Doering <gert at greenie.muc.de> wrote:
>
>> Hi,
>>
>> On Tue, Mar 08, 2016 at 06:14:01PM +0530, abhi dhiman wrote:
>>> Actually I am working with the OpenSSH version 6.2p which is vulnerable
>> to
>>> above mentioned vulnerabilities.
>>>
>>> So am looking for some help how I can fix these vulnerabilities in my
>>> version. I need to fix it in the OpenSSH code.
>> "Upgrade to 7.2"?
>>
>> gert
>> --
>> USENET is *not* the non-clickable part of WWW!
>>                                                            //
>> www.muc.de/~gert/
>> Gert Doering - Munich, Germany
>> gert at greenie.muc.de
>> fax: +49-89-35655025
>> gert at net.informatik.tu-muenchen.de
>>
>
>


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2252 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20160308/4fab4a6e/attachment.bin>


More information about the openssh-unix-dev mailing list