| delorie.com/archives/browse.cgi | search |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 delorie.com 52690TmC342151 |
| Authentication-Results: | delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com |
| Authentication-Results: | delorie.com; spf=pass smtp.mailfrom=cygwin.com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 delorie.com 52690TmC342151 |
| Authentication-Results: | delorie.com; |
| dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=SfnN73sH | |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org 6FF83385842D |
| DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; |
| s=default; t=1741251628; | |
| bh=eTb5S1vKei+jkycqDVBnb72RPrsSs9mw85azGnQM3Jk=; | |
| h=Date:To:Subject:References:In-Reply-To:List-Id:List-Unsubscribe: | |
| List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: | |
| From; | |
| b=SfnN73sHbQbLGPDbmpe3f+DVvESrOuj9yqJ9bUpNbEgr1Gc3WmpWK8ZEjzlosRyJT | |
| xM3w4G3JJxeOd9U78FImpDclQ1jXmLERR8hdUVey2Yn5Bfv5cV4L7ZABznUXMnvhKQ | |
| COwjeJeB71VEVMQgMD+3VwsdVCaiSb1lY1Jcf1/c= | |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org 229B43858D28 |
| Date: | Thu, 6 Mar 2025 09:59:21 +0100 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Cygwin OpenSSH version detection by Tenable |
| Message-ID: | <Z8lj6aZTX26v_H9j@calimero.vinschen.de> |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <PH0PR84MB18364E960950D1F0C2080315A5CB2 AT PH0PR84MB1836 DOT NAMPRD84 DOT PROD DOT OUTLOOK DOT COM> |
| <19A5E907-7DDF-4FB8-9004-0C8A6B269C1A AT unified-streaming DOT com> | |
| MIME-Version: | 1.0 |
| In-Reply-To: | <19A5E907-7DDF-4FB8-9004-0C8A6B269C1A@unified-streaming.com> |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.30 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <https://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| From: | Corinna Vinschen via Cygwin <cygwin AT cygwin DOT com> |
| Reply-To: | cygwin AT cygwin DOT com |
| Cc: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| Errors-To: | cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com> |
On Mar 5 20:49, Dimitry Andric via Cygwin wrote: > In my opinion, it is wrong that scanners rely on this information. :-) Exactly. > I guess something similar could be done in the Cygwin package. This is > up to the Cygwin maintainers of course. And that doesn't change if some distros tweak their identification string but others don't. Fedora, for instance doesn't do that either. So a security scanner relying on that, is simply wrong. Cygwin's OpenSSH package is from the stock sources without local change for ages, since Cygwin is one of the supported upstream platforms. Any necessary change will go upstream, so that the Cygwin version can be built from stock upstream again. Corinna -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |