------- Forwarded message follows ------- Date sent: Wed, 26 Sep 2001 23:18:23 +0200 From: "Markus Friedl" <markus at openbsd.org> To: security-announce at openbsd.org Subject: OpenSSH Security Advisory (adv.option) Weakness in OpenSSH's source IP based access control for SSH protocol v2 public key authentication. 1. Systems affected: Versions of OpenSSH between 2.5.x and 2.9.x using the 'from=' key file option in combination with both RSA and DSA keys in ~/.ssh/authorized_keys2. 8<------- SNIP Full anouncment with patch at: http://marc.theaimsgroup.com/?l=openssh-unix- dev&m=100153916114045&w=2