oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request - OpenSSH

From: "mancha" <mancha1 () hush com>
Date: Fri, 08 Nov 2013 04:02:11 +0000
Hello Kurt, vendors, et al.

OpenSSH has released an advisory[1] detailing a memory corruption
vulnerability in the post-authentication sshd process when using an
aes*-gcm () openssh com cipher.

OpenSSH 6.4/6.4p1 were released to address the problem.

Would you please allocate a CVE for this issue? Thanks.

--mancha

[1] http://www.openssh.com/txt/gcmrekey.adv
Previous By Date Next
Previous By Thread Next

Current thread: