Manualshelf

HP-UX Secure Shell A.04.30.006 and A.04.30.007 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
19202122232425262728
HP-UX Secure Shell A.04.30.006 and A.04.30.007
Frequently Asked Questions (FAQ)
Chapter 27
Is HP-UX Secure Shell vulnerable to the reported double free bug in the
zlib compression algorithm documented at
http://www.cert.org/advisories/CA-2002-07.html
?
All versions of HP-UX Secure Shell starting from A.03.10 are built with
support for zlib-1.1.4 or later. So, HP-UX Secure Shell is not affected
by the bug described above.
HP-UX Secure Shell A.04.30.006/007 is built with zlib v1.2.3.
Is HP-UX Secure Shell vulnerable to the following CERTs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0131?
This version of HP-UX Secure Shell is built with OpenSSL-0.9.7i and is
not affected by these two CERTs. The vulnerabilities were fixed in
OpenSSL-0.9.7d.