[Bug 737] CERT® Advisory CA-2003-26 - any effect on OpenSSH?

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Oct 9 02:04:46 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=737

           Summary: CERT® Advisory CA-2003-26 - any effect on OpenSSH?
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: security
          Priority: P2
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: moulton at snmp.com


Please pardon me if submitting a bug report is not the correct
procedure to address this.

Is OpenSSH affected by the vulnerability in OpenSSL discussed in
http://www.cert.org/advisories/CA-2003-26.html ?  I don't find a reference
to it on the OpenSSH web site.

CERT's only discussion wrt OpenSSH is 
  .  http://www.kb.cert.org/vuls/id/AAMN-5RXR29
  .  an assertion by IBM that it does not affect OpenSSH as they distribute it.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list