Hi - Is ssh2 2.0.13-6 (the debian/unstable package from packages.debian.org) vulnerable to the crc32 compensation attack described here ?
http://razor.bindview.com/publish/advisories/adv_ssh1crc.html How about the ssh 1:1.2.3-9.3 and ssh-nonfree 1.2.27-6.1 packages (debian/stable from packages.debian.org), are they safe regarding this attack? Thanks for your help. Regards Philipp Haeuser
