Proposal: always handle keys in separate process

Loganaden Velvindron loganaden at gmail.com
Fri Jan 15 20:30:30 AEDT 2016


On Thu, Jan 14, 2016 at 7:12 PM, Alexander Wuerstlein <arw at cs.fau.de> wrote:
> Hello,
>
> in light of the recent CVE-2016-0777, I came up with the following idea,
> that would have lessened its impact. Feel free to ignore or flame me,
> maybe its stupid or I missed something :)
>

Feel free to come up with a patch. In OpenSSH, it's a good idea to
follow-up with a patch :)


More information about the openssh-unix-dev mailing list