In association with heise online

08 November 2006, 13:35

OpenSSH 4.5 available

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The new version 4.5 of the open source SSH implementation OpenSSH is a bugfix only release and removes one single security related flaw. Specifically, it fixes a vulnerability in the privilege separation monitor that can lead to problems in the recognition of valid authentication attempts. The developers offered no more specific details in the release notes. Privilege separation serves to increase security in server services. A privileged parent process creates an unprivileged child process when needed and then monitors its work. Defined interfaces called sockets allow the child process to delegate specific operations back to the parent, such as authentication. Two non-security related flaws were also removed. These affect portability and compatibility with Solaris.

See also:

(ehe)

Print Version | Send by email | Permalink: http://h-online.com/-731771
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit