Bug#906236: openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet

To: Chris Lamb <lamby@debian.org>
Cc: 906236@bugs.debian.org, Salvatore Bonaccorso <carnil@debian.org>, team@security.debian.org
Subject: Bug#906236: openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet
From: Sébastien Delafond <seb@debian.org>
Date: Tue, 21 Aug 2018 10:35:04 +0200
Message-id: <[🔎] 20180821083504.GC5008@centurion.befour.org>
Reply-to: Sébastien Delafond <seb@debian.org>, 906236@bugs.debian.org
In-reply-to: <[🔎] 1534840364.1962008.1480991648.7BB57D96@webmail.messagingengine.com>
References: <[🔎] 1534667577.892318.1478864568.4ECB7599@webmail.messagingengine.com> <[🔎] 20180821075524.GB5008@centurion.befour.org> <[🔎] 1534840364.1962008.1480991648.7BB57D96@webmail.messagingengine.com> <[🔎] 153436226668.6714.11130467831594285376.reportbug@eldamar.local>

On Aug/21, Chris Lamb wrote:
>  a) You will take the lead on stable/DSA.
>  b) I'll carry on with LTS, etc.

Yes.

--Seb

Reply to:

References:
- Bug#906236: openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet
  - From: Chris Lamb <lamby@debian.org>
- Bug#906236: openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet
  - From: Sébastien Delafond <seb@debian.org>
- Bug#906236: openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet
  - From: Chris Lamb <lamby@debian.org>
- Bug#906236: openssh: delay bailout for invalid authenticating user until after the packet
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#906236: openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet
Next by Date: Bug#906236: openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet
Previous by thread: Bug#906236: openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet
Next by thread: Bug#906236: marked as done (openssh: CVE-2018-15473: delay bailout for invalid authenticating user until after the packet)
Index(es):
- Date
- Thread