Till now I was trying to upgrade the openssh package as we discovered openssh vulnerability in one of the security tools.
Now the only solution to this vulnerability is to upgrade or apply patch.
upgradation like we talked , will create N no. of dependancies...which we are reluctant to go ahead with. Also up2date requires valid subscription to redhat ?? Please comment on this.
The details:-
Vulnerability
http://www.cert.org/advisories/CA-2003-24.html
Solution
http://www.openssh.com/txt/buffer.adv
Now the above patch needs to be applied (and my long awaited problem can be resolved ..atleast I hope so).
But now the problem is how to apply it in the system?? When I referred to this link , found that its a some kind of C- code.
Can you help me in this case ?? And do you people also think that this patch would resolve the issue??????????????