OpenSSH 5.0 / W3AF beta 6
Some new software shipped that I should have mentioned, and apparently it go past me..
The first is OpenSSH 5.0, release quite shortly after OpenSSH 4.9 (I believe it was 4 or 5 days). The following was attached to the release notes:
We apologise for any inconvenience resulting from this release being made so shortly after 4.9. Unfortunately we only learned of the below security issue from the public CVE report. The Debian OpenSSH maintainers responsible for handling the initial report of this bug failed to report it via either the private OpenSSH security contact list (openssh@openssh.com) or the portable OpenSSH Bugzilla (http://bugzilla.mindrot.org/).
The security issue in question was CVE-2008-1483.
The second piece of software is W3AF Beta 6. The Web Application Attack & Audit Framework is designed to create an extensible framework for finding and exploiting web application vulnerabilities. Beta 6 introduces a GTK UI, new plugins and bug fixes.
Categories: Daily Link List