We need an updated ebuild :-)
not really, the security issue has been fixed in the 4.2p1-r1 ebuild already i'll throw 4.3 in once we get that ver in stable
You're wrong there: openssh-4.3 also brings new features (quoted from http://www.mindrot.org/pipermail/openssh-unix-announce/2006-February/000084.html) I'd really like to test the VPN stuff and give feedback in the forums (or write a howto, we'll see :)) Changes since OpenSSH 4.2: ============================ Security bugs resolved in this release: * CVE-2006-0225: scp (as does rcp, on which it is based) invoked a subshell to perform local to local, and remote to remote copy operations. This subshell exposed filenames to shell expansion twice; allowing a local attacker to create filenames containing shell metacharacters that, if matched by a wildcard, could lead to execution of attacker-specified commands with the privilege of the user running scp (Bugzilla #1094) This is primarily a bug-fix release, only one new feature has been added: * Add support for tunneling arbitrary network packets over a connection between an OpenSSH client and server via tun(4) virtual network interfaces. This allows the use of OpenSSH (4.3+) to create a true VPN between the client and server providing real network connectivity at layer 2 or 3. This feature is experimental and is currently supported on OpenBSD, Linux, NetBSD (IPv4 only) and FreeBSD. Other operating systems with tun/tap interface capability may be added in future portable OpenSSH releases. Please refer to the README.tun file in the source distribution for further details and usage examples.
thanks, i can read the NEWS file my point was that 4.3 is not *needed* since the security fix is already in portage
*** Bug 121246 has been marked as a duplicate of this bug. ***
I just wanted to give complete information, no need to start getting inpolite. I didn't talk about the security fix, but about new features - I think we just misunderstood each other a bit. Anyway, thanks for writing the ebuilds :)
Created attachment 78769 [details] openssh-4.3_p1.ebuild for those who are bored
4.3 in portage now