Package: openssh Vulnerability: Privilege escalation OpenPKG Specific: No Affected Releases: - OpenPKG CURRENT: All versions with affected packages - OpenPKG 2.4: - OpenPKG 2.3: None specified Description: - A security vulnerability in OpenSSH version 4.0 caused gateway ports to be accidentally activated for dynamic port forwardings when the listen address was not explicitly specified, leading to potential exposure to external access. Solution: - Upgrade to corrected packages ( for OpenPKG CURRENT, for OpenPKG 2.4). - Detailed steps involve fetching the appropriate source RPM, verifying its integrity, building a binary RPM, and then updating the OpenPKG installation. Security Note: Digitally signed with OpenPGP public key for OpenPKG; instructions for verifying the signature are provided.