On Friday 26 March 2010 07:25:53 pm MichaĆ Piotrowski wrote:
Vulnerability described in CVE-2009-2904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2904 was
addressed in
https://rhn.redhat.com/errata/RHSA-2009-1470.html for
RHEL. Isn't F11 openssh version also vulnerable?
RHEL5 uses version 4.3. The CVE was caused by a flaw in a patch that backported
a feature from 4.8 to 4.3. Fedora 11 is on 5.2, so it should not be
vulnerable.
-Steve