On 2019-03-20 09:06, Bill Stewart wrote:
> On Wed, Mar 20, 2019 at 8:53 AM Bruce Halco wrote:
>> The problem is I have 8 customers failing PCI network scans because of
>> CVE-2019-6111, so I don't think the patch for CVE-2018-20685 is going to
>> help.
>> If 8.0 is close (maybe weeks?) I can afford
On Wed, Mar 20, 2019 at 8:53 AM Bruce Halco wrote:
> The problem is I have 8 customers failing PCI network scans because of
> CVE-2019-6111, so I don't think the patch for CVE-2018-20685 is going to
> help.
>
> If 8.0 is close (maybe weeks?) I can afford to wait a while. Otherwise
> I'll have to t
The problem is I have 8 customers failing PCI network scans because of
CVE-2019-6111, so I don't think the patch for CVE-2018-20685 is going to
help.
If 8.0 is close (maybe weeks?) I can afford to wait a while. Otherwise
I'll have to take some other action. I don't like any of my
alternatives
On Mar 20 09:13, Bruce Halco wrote:
> openSSH 7.9 is subject to vulnerability CVE-2019-6111. This has been fixed
> in at least some distributions, Debian at least.
Fedora (which is our role model) doesn't and the vulnerability is not
deemed that critical by the upstream maintainers:
https://lists
openSSH 7.9 is subject to vulnerability CVE-2019-6111. This has been
fixed in at least some distributions, Debian at least.
As the cygwin openSSH files are all dated October, 2018, it seems clear
that the fix has not yet been applied to cygwin.
Are there plans to address this?
Thanks.
Bruce
On Tue, Sep 16, 2003 at 05:39:35PM -0400, Tony Schmitt wrote:
> Corinna - I was informed of an SSH hole today. Referring to
> http://www.securityfocus.com/advisories:
>
> "...a buffer management error found in versions of OpenSSH earlier than
> 3.7. The possibility exists that this error could all
Corinna - I was informed of an SSH hole today. Referring to
http://www.securityfocus.com/advisories:
"...a buffer management error found in versions of OpenSSH earlier than
3.7. The possibility exists that this error could allow a remote exploit..."
Were you aware of this?
Thanks,
Tony Schmitt
7 matches
Mail list logo
