This is the mail archive of the
mailing list for the Cygwin project.
Re: new openssh vulnerability
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin at cygwin dot com
- Date: Wed, 17 Sep 2003 00:11:43 +0200
- Subject: Re: new openssh vulnerability
- References: <3F678317.firstname.lastname@example.org>
- Reply-to: cygwin at cygwin dot com
On Tue, Sep 16, 2003 at 05:39:35PM -0400, Tony Schmitt wrote:
> Corinna - I was informed of an SSH hole today. Referring to
> "...a buffer management error found in versions of OpenSSH earlier than
> 3.7. The possibility exists that this error could allow a remote exploit..."
> Were you aware of this?
Yes, but not for long. I'm subscribed to the portable openssh
developers mailing list but for some reason I'm getting the postings
currently with about 30 hours(!) delay. For that reason I learned
about the release of 3.7p1 and the security advisory just 2 hours
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:email@example.com
Red Hat, Inc.
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html