From oberman@es.net  Thu Jan 20 20:56:09 2011
Return-Path: <oberman@es.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6D470106566B
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 20 Jan 2011 20:56:09 +0000 (UTC)
	(envelope-from oberman@es.net)
Received: from mailgw.es.net (mail1.es.net [IPv6:2001:400:201:1::2])
	by mx1.freebsd.org (Postfix) with ESMTP id 5A3848FC19
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 20 Jan 2011 20:56:09 +0000 (UTC)
Received: from ptavv.es.net (ptavv.es.net [IPv6:2001:400:910::29])
	by mailgw.es.net (8.14.3/8.14.3) with ESMTP id p0KKu8NT021150
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT)
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 20 Jan 2011 12:56:09 -0800
Received: by ptavv.es.net (Tachyon Server, from userid 9381)
	id 3FE0C1CC0C; Thu, 20 Jan 2011 12:56:08 -0800 (PST)
Message-Id: <20110120205608.3FE0C1CC0C@ptavv.es.net>
Date: Thu, 20 Jan 2011 12:56:08 -0800 (PST)
From: Kevin Oberman <oberman@es.net>
Reply-To: Kevin Oberman <oberman@es.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: Newer version of OpenSSH-portable needed
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         154175
>Category:       ports
>Synopsis:       Newer version of security/openssh-portable needed
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 20 21:00:17 UTC 2011
>Closed-Date:    Fri Jan 21 09:41:08 UTC 2011
>Last-Modified:  Fri Jan 21 09:41:08 UTC 2011
>Originator:     Kevin Oberman
>Release:        FreeBSD 8.2-PRERELEASE i386
>Organization:
ESnet - The Energy Sciences Network
>Environment:
System: FreeBSD ptavv.es.net 8.2-PRERELEASE FreeBSD 8.2-PRERELEASE #1: Fri Dec 3 09:14:10 PST 2010 root@ptavv.es.net:/usr/obj/usr/src/sys/PTAVV8 i386


	
>Description:
	OpenSC 0.12 has been added to the ports tree replacing
0.11.13. This version depends on the support for PKCS in OpenSSH, but
FreeBSD still at the two year old 5.2.p1. PKCS11 support was added in
version 5.4 and the curent version is 5.6.

Until a new version of OpenSSH is available, we are stuck at 0.11.13
which has a known security
vulnerability.
(http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4523)

>How-To-Repeat:
	N/A
>Fix:
Port OpenSSH-5.4 or newer to FreeBSD
>Release-Note:
>Audit-Trail:

From: Mark Linimon <linimon@lonesome.com>
To: Kevin Oberman <oberman@es.net>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: ports/154175: Newer version of security/openssh-portable needed
Date: Fri, 21 Jan 2011 00:02:29 +0000

 Probably not going to happen unless someone wishes to take over
 maintainership.  Yourself, perhaps?
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Fri Jan 21 09:40:09 UTC 2011 
State-Changed-Why:  
er, my mistake.  See ports/150493. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=154175 
>Unformatted:
