Bug 38592

Summary: Bug in ssh2 in the ports !
Product: Ports & Packages Reporter: Geir Råness <freebsd>
Component: Individual Port(s)Assignee: freebsd-ports (Nobody) <ports>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
smime.p7s none

Description Geir Råness 2002-05-27 00:30:02 UTC 
There has been found and bug in the ssh 3.0.1 to 3.1.0 series.

And if you look in ssh2 ports dir, you will see it juse 3.1.0.

If you dont conf your config file right, you would be vuln to this bug.

Read about it here
http://online.securityfocus.com/archive/1/273840/2002-05-23/2002-05-29/0
http://www.ssh.com/products/ssh/advisories/authentication.cfm

The maintainer of this port has also been notified about this problem.

So at last, i would like to have this port marked as forbidden.
And the maintainer shuld update it !

Fix: 

Either conf your config file right.
Patch your current ssh, or you shuld upgraded to the newest version.
That is 3.1.2 at this time.
How-To-Repeat: Install ssh2 3.1.0 and juse standar conf  ? ;)
Comment 1 dwcjr 2002-05-27 02:58:26 UTC 
I don't believe this is actively maintained anymore, everyone should be using openssh.  If you would care to submit a diff to upgrade this to the latest version and the maintainer doesn't respond for a few weeks we can upgrade it.  If you don't, and the maintainer doesn't respond, nothing is likely to happen.
Comment 2 larse 2002-05-28 19:36:55 UTC 
This is a multi-part message in MIME format.
Comment 3 Pete Fritchman freebsd_committer freebsd_triage 2002-05-28 22:28:14 UTC 
State Changed
From-To: open->closed

Update committed, thanks for the problem report + the patch.