openssh-3.4p1.tar.gz trojaned
Dave Dittrich
dittrich at cac.washington.edu
Wed Aug 21 11:57:57 PDT 2002
My bad. Yes, this is old news (In my haste, I neglected to
fact-check). Sorry for the repeat announcement.
On Wed, 21 Aug 2002, William R. Somsky wrote:
> Isn't this old news? And I though they caught that and cleared it out
> soon after it was found way back then...
>
>
> On Tue, Aug 20, 2002 at 09:20:40PM -0700, Dave Dittrich wrote:
> > > Date: Thu, 1 Aug 2002 16:55:51 +1000
> > > Subject: openssh-3.4p1.tar.gz trojaned
> > > From: Edwin Groothuis <edwin at mavetju.org>
> > > To: incidents at securityfocus.com
> > >
> > > Greetings,
> > >
> > > Just want to inform you that the OpenSSH package op ftp.openbsd.org
> > > (and probably all its mirrors now) it trojaned:
> > >
> > > ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.4p1.tar.gz
--
Dave Dittrich Computing & Communications
dittrich at cac.washington.edu University Computing Services
http://staff.washington.edu/dittrich University of Washington
PGP key http://staff.washington.edu/dittrich/pgpkey.txt
Fingerprint FE97 0C57 0843 F3EB 49A1 0CD0 8E0C D0BE C838 CCB5
More information about the Linux
mailing list