[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [USN-758-1] udev vulnerabilities

To: Ubuntu Security <security@xxxxxxxxxx>
Subject: Re: [Full-disclosure] [USN-758-1] udev vulnerabilities
From: Kay Nettle <pkn@xxxxxxxxxxxxx>
Date: Sun, 19 Apr 2009 08:09:31 -0500

>Does this look right?

I recognize most of those as security updates.  Are you on the
ubuntu security announce list?  It looks like everything installed fine.
Since it installed the openssh-client, you may want to turn off the bits
for:

/usr/bin/ssh
/usr/bin/scp
/usr/bin/ssh-add
/usr/bin/ssh-agent
/usr/bin/ssh-keygen
/usr/bin/ssh-keyscan
/usr/bin/sftp
/usr/bin/ssh-vulnkey
/usr/bin/ssh-copy-id
/usr/bin/ssh-argv0

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] [USN-758-1] udev vulnerabilities
  - From: Kees Cook

Prev by Date: [Full-disclosure] [ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities
Next by Date: [Full-disclosure] [SECURITY] [DSA 1775-1] New php-json-ext packages fix denial of service
Previous by thread: [Full-disclosure] [USN-758-1] udev vulnerabilities
Next by thread: [Full-disclosure] iDefense Security Advisory 04.15.09: Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability
Index(es):
- Date
- Thread