On Wed, Feb 28, 2007 at 08:59:47PM +0100, Stefan Fritsch wrote: > >From CVE-2007-1099: > dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the > user > when it detects a hostkey mismatch, which might allow remote attackers to > conduct man-in-the-middle attacks. > > This is fixed in 0.49, see > http://matt.ucc.asn.au/dropbear/CHANGES > > Please mention the CVE id in the changelog. >
Thanks, I'll take care of this. Regards, Gerrit. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]