CVE-2015-6563 and CVE-2015-6564

Darren Tucker dtucker at zip.com.au
Fri Sep 11 09:36:32 AEST 2015


On Fri, Sep 11, 2015 at 3:32 AM, Scott Neugroschl <scott_n at xypro.com> wrote:

> Got a question.   Am I vulnerable to CVE-2015-6563 and CVE-2015-6564  if I
> have PAM support disabled (--without-pam)
>

No.  The code in question is not compiled in when sshd is built
--without-pam.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.


More information about the openssh-unix-dev mailing list