[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenSSH Security Advisory: Trojaned Distribution Files

To: "Misc @OpenBSD" <misc@openbsd.org>
Subject: Re: OpenSSH Security Advisory: Trojaned Distribution Files
From: Nick Holland <nick@holland-consulting.net>
Date: Thu, 01 Aug 2002 13:19:21 -0400
References: <Pine.LNX.4.33L2.0208010950430.3586-100000@omni.acorn.net>

Dayton wrote:
> 
> Yeah, but another thing we all should be wondering is, were any OTHER
> files tampered with? How safe is it, for example, for us to pull down
> the patch branch right now?

I can assure you this issue was recognized and considered seconds
after the problem was discovered.

The analysis is going on.  Idle speculation by those not doing work
isn't going to do much besides spread dis/mis information.  And those
DOING work have more important things to do than keep the non-workers
informed right now.

If you want to help, look at the source on the CD.  Look at the source
on the current CVS repositories.  Look for anything that changed in a
bad way.  Yes, that's a biiiig task.

Nick.
-- 
http://www.holland-consulting.net

Follow-Ups:
- Re: OpenSSH Security Advisory: Trojaned Distribution Files
  - From: Ben Goren <ben@trumpetpower.com>
- Re: OpenSSH Security Advisory: Trojaned Distribution Files
  - From: Mike Johnson <mike@enoch.org>

References:
- Re: OpenSSH Security Advisory: Trojaned Distribution Files
  - From: Dayton <smartestguy@technologist.com>

Prev by Date: Re: OpenBrick
Next by Date: building openbsd on floppy
Prev by thread: Re: OpenSSH Security Advisory: Trojaned Distribution Files
Next by thread: Re: OpenSSH Security Advisory: Trojaned Distribution Files
Index(es):
- Date
- Thread