CVE request: openssh

[Vincent Danen <vdanen () redhat com>]

> OpenSSH Security Advisory: portable-keysign-rand-helper.adv
>
> This document may be found at:
> http://www.openssh.com/txt/portable-keysign-rand-helper.adv
>
> 1. Vulnerability
>
>        Portable OpenSSH's ssh-keysign utility may allow unauthorised
>        local access to host keys on platforms if ssh-rand-helper is
>        used.

Full details at the URL above.  I don't see a CVE name in the advisory;
could one be assigned for this flaw?

Note: it only affects 5.6 and 5.7.

Thanks.

--
Vincent Danen / Red Hat Security Response Team