How to track vulnerability fixes

Sandeep Umesh sanumesh at in.ibm.com
Tue Jan 31 17:14:31 AEDT 2017

Previous message (by thread): typo in sshd.8 SSH_KNOWN_HOSTS FILE FORMAT section?
Next message (by thread): 2661 | ssh-client | Request for a informational output to user instead of just password prompt
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

In 7.3 release notes:
https://www.openssh.com/txt/release-7.3

We have 5 security related fixes, however CVE # has been assigned to only 2
of them (CVE-2016-6210 and CVE-2015-8325). Does that mean the other 3 are
non security related fixes ?
When does a security fix qualify to be a assigned a CVE # ?

Thanks


Regards
Sandeep

Previous message (by thread): typo in sshd.8 SSH_KNOWN_HOSTS FILE FORMAT section?
Next message (by thread): 2661 | ssh-client | Request for a informational output to user instead of just password prompt
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssh-unix-dev mailing list