[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Backport for OpenSSH CBC Mode Information Disclosure Vulnerability

2009/6/30 Nico Golde <debian-security+ml@ngolde.de>
* Niko Thome <niko.thome@1und1.de> [2009-06-30 11:47]:
> I stumbled upon a vulnerability in OpenSSH reported back in November
> 2008. http://www.securityfocus.com/bid/32319
> I was a bit concerned about that flaw, and tried to find out if it is
> fixed due a backport of some openSSH 5.2 upstream code. But I didn't
> find neither a bug nor a DSA for that flaw.
> Can you tell me how this bug is handled by Debian?


Ouch! I agree with the note.

Reply to: