Date: Wed, 24 Apr 2019 12:24:00 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@FreeBSD.org> To: Brahmanand Reddy <brahma.gdb@gmail.com> Cc: openssh@openssh.com, FreeBSD-security@freebsd.org Subject: Re: POC and patch for the CVE-2018-15473 Message-ID: <86mukfhfb3.fsf@next.des.no> In-Reply-To: <CAKsRH7mBLc3FTJ08uETkniG=wdwyaZrvpYYJAxYmj%2BpPRU4ibw@mail.gmail.com> (Brahmanand Reddy's message of "Tue, 23 Apr 2019 06:46:15 %2B0530") References: <CAKsRH7mBLc3FTJ08uETkniG=wdwyaZrvpYYJAxYmj%2BpPRU4ibw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Brahmanand Reddy <brahma.gdb@gmail.com> writes: > regarding the CVE-2018-15473 dint find find official patch from the opens= sh > on freebsd OS base. CVE-2018-15473 is a user existence oracle bug which does not meet our criteria for security advisories. FreeBSD 12 has OpenSSH 7.8, which is patched. FreeBSD 11 has OpenSSH 7.5, which is not. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86mukfhfb3.fsf>