* dann frazier:
> Micah, Thanks for detecting this; however, I don't think
> systemimager-ssh is vulnerable.
Thanks for investigating this.
> Unfortunately, compression is not a build-time option for openssh, so it
> would be somewhat invasive to remove the unused zlib library.
This is unnecess
Micah, Thanks for detecting this; however, I don't think
systemimager-ssh is vulnerable.
systemimager-ssh includes its own copy of zlib because of a dependency
in the ssh binary it builds. These binaries are downloaded by a client
system and used to set up a tunnel to the server. The ssh command
2 matches
Mail list logo
