Ok. I have the good old open ssh 2.3.0-something. Now
http://openssh.org/security.html says it is not vulnerable to cookie
deletion or source based access control vulnerabilities (only
2.5.x-2.9.x, excluding 2.9.9, are). This is fine as long as I try to
get woody's open ssh, which is 2.9psomething. Where does this version
number fall in openssh's version numbering scheme? Between 2.8.(what
ever was the biggest number here) and 2.9.0 or where? The answer to
whether it is vulnerable or not might be enough but I am so confused
about open ssh's version numbers: why do they change the whole
_format_ of their version numbers??? 2.9 is lacking one minor version
specifier as compared to 2.9.9, which has two.
TIA.
--
-----------------------------------------------
| Juha Jäykkä, [EMAIL PROTECTED] |
| home: http://www.utu.fi/~juolja/ |
-----------------------------------------------
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
