Mail Archives: cygwin/2019/03/20/09:13:36

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2019/03/20/09:13:36

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:to:from:subject:message-id:date:mime-version

:content-type:content-transfer-encoding; q=dns; s=default; b=kgV

XlU629GOo8HAdF94kUkesfMK0ttlNty7Lhj0HOhlqoaIse++p+2j3bs8KPr3eTh2

e2l1bQkWMXWuXvAply++LOCmstHW3SwD81ZLPpYjI3Vu3FOAPctL40ZJMdhQVyB/

FuCkZE7IjI6NSDtMdluuW4eb6NTpbWcTk2o8JFQU=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:to:from:subject:message-id:date:mime-version

:content-type:content-transfer-encoding; s=default; bh=jcReCig+9

TKPzg6XU2ZioSbv8vA=; b=vXm1w0GxLW7Bg459WXY3SIcyOhSUlmJl4XYMmfzja

+/7U0Hg7/QHG0xStsNfuA1zSRYIBwgpQ48ZIWYpBziT2kBg05uWEEFBBP66jwbUV

t6d1FhuaXWRcIsbfCdlTapmiY1+TUbBwlz5SXrlEvmMrMnbHXnBthAIbkGXDGzKY

88=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Spam-SWARE-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS autolearn=ham version=3.3.1 spammy=HX-Languages-Length:319, dated

X-HELO: mout.perfora.net

To: cygwin AT cygwin DOT com

From: Bruce Halco <bruce AT halcomp DOT com>

Subject: openSSH Vulnerability

Message-ID: <cdd0f8a3-8e3c-5b9c-7633-40af3424f780@halcomp.com>

Date: Wed, 20 Mar 2019 09:13:21 -0400

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1

MIME-Version: 1.0

openSSH 7.9 is subject to vulnerability CVE-2019-6111. This has been 
fixed in at least some distributions, Debian at least.

As the cygwin openSSH files are all dated October, 2018, it seems clear 
that the fix has not yet been applied to cygwin.

Are there plans to address this?

Thanks.

Bruce




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:message-id:date:mime-version
	:content-type:content-transfer-encoding; q=dns; s=default; b=kgV
	XlU629GOo8HAdF94kUkesfMK0ttlNty7Lhj0HOhlqoaIse++p+2j3bs8KPr3eTh2
	e2l1bQkWMXWuXvAply++LOCmstHW3SwD81ZLPpYjI3Vu3FOAPctL40ZJMdhQVyB/
	FuCkZE7IjI6NSDtMdluuW4eb6NTpbWcTk2o8JFQU=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:message-id:date:mime-version
	:content-type:content-transfer-encoding; s=default; bh=jcReCig+9
	TKPzg6XU2ZioSbv8vA=; b=vXm1w0GxLW7Bg459WXY3SIcyOhSUlmJl4XYMmfzja
	+/7U0Hg7/QHG0xStsNfuA1zSRYIBwgpQ48ZIWYpBziT2kBg05uWEEFBBP66jwbUV
	t6d1FhuaXWRcIsbfCdlTapmiY1+TUbBwlz5SXrlEvmMrMnbHXnBthAIbkGXDGzKY
	88=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Spam-SWARE-Status:	No, score=-1.2 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS autolearn=ham version=3.3.1 spammy=HX-Languages-Length:319, dated
X-HELO:	mout.perfora.net
To:	cygwin AT cygwin DOT com
From:	Bruce Halco <bruce AT halcomp DOT com>
Subject:	openSSH Vulnerability
Message-ID:	<cdd0f8a3-8e3c-5b9c-7633-40af3424f780@halcomp.com>
Date:	Wed, 20 Mar 2019 09:13:21 -0400
User-Agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1
MIME-Version:	1.0