This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Re: [SECURITY] p7zip: CVE-2015-1038
- From: Achim Gratz <Stromeko at nexgo dot de>
- To: cygwin-apps at cygwin dot com
- Date: Fri, 12 Feb 2016 20:05:08 +0100
- Subject: Re: [SECURITY] p7zip: CVE-2015-1038
- Authentication-results: sourceware.org; auth=none
- References: <56AB9A3F dot 3040808 at cygwin dot com> <BAY169-W135C2459F190107A746FE76A7DB0 at phx dot gbl> <BAY169-W401D7F793D3E837DBF61F5A7DC0 at phx dot gbl> <BAY169-W408B5913ECB16EC67C8CD4A7DC0 at phx dot gbl> <20160208135409 dot GI27646 at calimero dot vinschen dot de> <BAY169-W61D70AFE36EB965B52B599A7D60 at phx dot gbl> <87twlgwfsp dot fsf at Rainer dot invalid> <BAY169-W8343B71FCE33C37B2C4219A7A80 at phx dot gbl>
Tony Kelman writes:
> I'm not very familiar with the intricacies of ssh auth options, as you
> can probably guess. I tried removing ~/.ssh/known_hosts (backing up to
> a different file name) but no change. Is there a cygport or sftp or ssh
> option via command line or environment variable that I can set for more
> verbose debugging output that might tell us what's going on here?
You probably need to connect to cygwin.com with ssh on the command line
once in order to accept the prompt about the changed (or unknown) host
key. You can then rely on cygport's canned use of ssh again.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
SD adaptation for Waldorf rackAttack V1.04R1:
http://Synth.Stromeko.net/Downloads.html#WaldorfSDada