CVE-2014-1692
Jason L Tibbitts III
tibbs at math.uh.edu
Fri Jan 31 08:45:15 EST 2014
>>>>> "AB" == Alex Bligh <alex at alex.org.uk> writes:
AB> If one is allowed to modify files in order to trigger security
AB> vulnerabilities, I think I could find some rather more obvious
AB> modifications to do with rather more serious impacts.
The original filing is interesting; there was confusion about whether it
qualified for a CVE at all, and the rationale by the assignment team is
given in a reply.
http://openwall.com/lists/oss-security/2014/01/29/2
- J<
More information about the openssh-unix-dev
mailing list