Upcoming OpenSSH vulnerability
Corinna Vinschen
vinschen at redhat.com
Wed Jun 26 07:23:15 EST 2002
On Tue, Jun 25, 2002 at 02:03:14PM -0400, Niels Provos wrote:
> On Tue, Jun 25, 2002 at 10:34:33AM +0200, Corinna Vinschen wrote:
> > The Cygwin version of OpenSSH can't support it since sendmsg()/recvmsg()
> > currently can't transmit file descriptors.
> You still get pre-authentication privilege separation if you support
> mmap. File descriptor passing is required only for
> post-authentication privilege separation.
Yep, I've already released a new version of OpenSSH (3.3p1-2) as
part of the Cygwin net release containing Markus' fix to suppress
postauth privsep.
Corinna
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com
More information about the openssh-unix-dev
mailing list