[WBEL-users] How do I know whether ssh is patched against the
latest exploits?
William Hooper
whooperhsd2@earthlink.net
Wed, 5 May 2004 16:19:04 -0400 (EDT)
Matt Grab said:
> I have 3.6.1p2-18 installed from up2date (whitebox channel from nc
> mirror).
> up2date says all packages on my system are current - none to update.
> I heard that ssh lower than 3.7 is remotely exploitable.
You need more information (perhaps a CVE number). Then you look it up in
the changelog:
$ rpm -q --changelog openssh
Or, Red Hat's Errata page:
https://rhn.redhat.com/errata/rhel3es-errata.html
--
William Hooper