New SSH Bug Scare

Even though an exploit hasn't been reliably confirmed, a new potential vulnerability announcement is making the rounds.

If, like me, you maintain Cobalt boxes, the Qube and the RAQ550 can be upgraded easily by compiling the official 3.7p1 source tree with:

# ./configure --prefix=/usr --sysconfdir=/etc/ssh
# make; make install
# /etc/rc.d/init.d/sshd restart
...
# telnet localhost 22
Trying localhost...
Connected to localhost.
Escape character is '^]'.
SSH-1.99-OpenSSH_3.7p1

Won't be updating my boxes by hand, though. None of them is directly connected to the Internet, and should have something in Software Update soon, as usual.

The Worst Jobs In Science

Think you have it bad? Check these out. No mention of computer science, though.