[Twisted-Python] Developer Security Notice

Glyph Lefkowitz glyph at twistedmatrix.com
Wed Jun 26 12:06:21 EDT 2002

From: Glyph Lefkowitz <glyph at twistedmatrix.com>
Subject: [Twisted-Python] Developer Security Notice
Date: Tue, 25 Jun 2002 08:26:16 -0500 (CDT)

> Due to a potentially major security hazard, ssh has been shut down on
> twistedmatrix.com until further notice.  There has been a discovery of a remote
> root exploit, but Theo de Raadt has mysteriously refrained from actually
> providing evidence of this exploit or a patch to fix it.

More information has suddenly become available.  The supar s1kr3t debian
informant who contacted me with the information has informed me that (while not
official yet) the compile options that Debian uses to build openssh don't make
it vulnerable.

Ah well, didn't finish 'trash' before I found out about this, so I'll be
tabling that for a while (UNIX is hard, kids; don't try this at home.)

 |    <`'>    |  Glyph Lefkowitz: Traveling Sorcerer   |
 |   < _/ >   |  Lead Developer,  the Twisted project  |
 |  < ___/ >  |      http://www.twistedmatrix.com      |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://twistedmatrix.com/pipermail/twisted-python/attachments/20020626/f8bb87da/attachment.pgp 

More information about the Twisted-Python mailing list