Mailing-List:	contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT sources DOT redhat DOT com>
List-Help:	<mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT sources DOT redhat DOT com
Delivered-To:	mailing list cygwin AT sources DOT redhat DOT com
Date:	Mon, 12 Feb 2001 10:15:20 +0100
From:	Corinna Vinschen <cygwin AT cygwin DOT com>
To:	cygwin <cygwin AT cygwin DOT com>
Subject:	Re: Authentication By-Pass Vulnerability in OpenSSH 2.3.1 (devel snapshot) (fwd)
Message-ID:	<20010212101520.D2107@cygbert.vinschen.de>
Mail-Followup-To:	cygwin <cygwin AT cygwin DOT com>
References:	<20010209084018 DOT C4880 AT cygbert DOT vinschen DOT de> <3A83A7B3 DOT 756449B5 AT ece DOT gatech DOT edu>
Mime-Version:	1.0
User-Agent:	Mutt/1.2.5i
In-Reply-To:	<3A83A7B3.756449B5@ece.gatech.edu>; from cwilson@ece.gatech.edu on Fri, Feb 09, 2001 at 03:17:55AM -0500

On Fri, Feb 09, 2001 at 03:17:55AM -0500, Charles Wilson wrote:
> Corinna Vinschen wrote:
> > FYI for those running snapshots.  I have removed the openssh-20010202
> > snapshot from cygwin/latest.
> > 
> > If you are using the openssh-20010202 snapshot PLEASE REVERT BACK TO
> > openssh-20001221 OR openssh-2.3.0p1.!!!
> 
> This means you have to re-regenerate your RSA keys after reverting back
> to the older version, right?

Right, but only the SSH2 RSA keys, not the SSH1 keys. Or you drop
usage of SSH2 RSA until the next official OpenSSH is released.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple

- Raw text -