2009/6/30 Nico Golde <debian-security...@ngolde.de<debian-security%2...@ngolde.de> >
> Hi, > * Niko Thome <niko.th...@1und1.de> [2009-06-30 11:47]: > > I stumbled upon a vulnerability in OpenSSH reported back in November > > 2008. http://www.securityfocus.com/bid/32319 > > > > I was a bit concerned about that flaw, and tried to find out if it is > > fixed due a backport of some openSSH 5.2 upstream code. But I didn't > > find neither a bug nor a DSA for that flaw. > > > > Can you tell me how this bug is handled by Debian? > > http://security-tracker.debian.net/tracker/CVE-2008-5161 > Ouch! I agree with the note.