eh? $ cat /etc/apt/sources.list #deb ftp://ftp.mn-linux.org/linux/debian woody main contrib non-free deb http://http.us.debian.org/debian woody main contrib non-free deb http://non-us.debian.org/debian-non-US woody/non-US main contrib non-free deb http://security.debian.org/debian-security stable/updates main contrib non-free $ apt-get update $ dpkg --list |grep ssh ii ssh 2.2.0p1-1.1 Secure rlogin/rsh/rcp replacement (OpenSSH) $ apt-get install ssh Reading Package Lists... Building Dependency Tree... Sorry, ssh is already the newest version Andy Zbikowski wrote: > > http://razor.bindview.com/publish/advisories/adv_ssh1crc.html > > In Debian fashion, the OpenSSH package in Potato has allready been fixed. > OpenSSH prior to 2.3.0 is vulnerable. > > If you don't have the security sources in /etc/apt/sources.list: > deb http://security.debian.org/ stable/updates main contrib non-free > deb-src http://security.debian.org/ stable/updates main contrib non-free > > -- > Andy Zbikowski, Sys Admin | (WEB) http://www.ltiflex.com > LTI Flexible Products, Inc. | (PH) 763-428-9119 (EX) 132 > 21801 Industrial Blvd | (FX) 763-428-9126 > Rogers, MN 55374 | (PCS) 612-306-6055 -- John Hawley BGEA/ITS <=> Network Admin 612.335.1334 jhawley at bgea.org