Bug#483755: openssh-client: ssh-vulnkey from lenny (testing) doesn't work with blacklists from sid

To: Vincent Lefevre <vincent@vinc17.org>, 483755@bugs.debian.org
Subject: Bug#483755: openssh-client: ssh-vulnkey from lenny (testing) doesn't work with blacklists from sid
From: Colin Watson <cjwatson@debian.org>
Date: Fri, 30 May 2008 23:12:14 +0100
Message-id: <[🔎] 20080530221214.GJ16645@riva.ucam.org>
Reply-to: Colin Watson <cjwatson@debian.org>, 483755@bugs.debian.org
In-reply-to: <[🔎] 20080530212059.GA28893@ay.vinc17.org>
References: <[🔎] 20080530212059.GA28893@ay.vinc17.org>

On Fri, May 30, 2008 at 11:21:00PM +0200, Vincent Lefevre wrote:
> First, the blacklists from testing don't contain all vulnerable keys
> used in practice: one needs openssh-blacklist-extra, which exists
> only in sid. But ssh-vulnkey from the lenny's openssh-client package
> can't find these blacklists: one always gets "Unknown (no blacklist
> information)", probably because of the relocate that occurred in
> openssh-blacklist 0.4.
> 
> As this has security concerns, lenny's openssh-client package should
> be fixed to take care of that.

I'm trying, of course. I need to do something about bug #481860 in order
to make that happen, or else decide it isn't all that RC after all and
downgrade.

-- 
Colin Watson                                       [cjwatson@debian.org]

Reply to:

References:
- Bug#483755: openssh-client: ssh-vulnkey from lenny (testing) doesn't work with blacklists from sid
  - From: Vincent Lefevre <vincent@vinc17.org>

Prev by Date: Bug#483730: ssh-vulnkey -h to man page
Next by Date: Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
Previous by thread: Bug#483755: openssh-client: ssh-vulnkey from lenny (testing) doesn't work with blacklists from sid
Next by thread: Bug#483756: track forced notification
Index(es):
- Date
- Thread