Hi, I just joined the list after the admin of the network in my house had complained that sshd running in my computer is "remotely exploitable". I asked for more details and he only said it's the bug in the crc32 bit. He also told me to install the newest version of openssh. The problem is now which package I should install. I tried ssh-nonfree, but it complained that some of the dependences is not installable. I'm not very familiar with this issue. I couldn't find much information on it on debian pages. The ssh package I currently have is ssh_1.2.3-9.3_i386.deb.
I have understood that the crc32 bug was already found in February so I find it hard to believe that it's not already fixed on debian (I'm running woody on a laptop PC). I should have all the security fixes installed on my system (there is this security.debian.org line on my sources.list file). Thanks for any information, Ville
