Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Date: Tue, 16 Sep 2003 17:39:35 -0400
From: "Tony Schmitt" <tonyschmitt2@aol.com>
Subject: new openssh vulnerability
To: cygwin@cygwin.com
Message-ID: <3F678317.6040001@aol.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; CHARSET=us-ascii
X-AOL-IP: 10.160.36.105

Corinna - I was informed of an SSH hole today. Referring to
http://www.securityfocus.com/advisories:

"...a buffer management error found in versions of OpenSSH earlier than
3.7. The possibility exists that this error could allow a remote exploit..."

Were you aware of this?

Thanks,

Tony Schmitt


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/