From mboxrd@z Thu Jan 1 00:00:00 1970 From: Christopher Lemmer Webber Subject: Re: openssh vulnerability Date: Wed, 17 Oct 2018 09:15:36 -0400 Message-ID: <87woqgiuiv.fsf@dustycloud.org> References: <87efcp74ip.fsf@dustycloud.org> <87bm7ti3hd.fsf@gnu.org> <20181017054252.GA21802@jasmine.lan> Mime-Version: 1.0 Content-Type: text/plain Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:58323) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gClfm-00041C-LB for guix-devel@gnu.org; Wed, 17 Oct 2018 09:15:39 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gClfl-0000pR-P8 for guix-devel@gnu.org; Wed, 17 Oct 2018 09:15:38 -0400 In-reply-to: <20181017054252.GA21802@jasmine.lan> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: Leo Famulari Cc: Guix-devel Leo Famulari writes: > On Wed, Oct 17, 2018 at 12:47:26AM -0400, Mike Gerwitz wrote: >> On Tue, Oct 16, 2018 at 21:20:30 -0400, Christopher Lemmer Webber wrote: >> > https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/ >> > >> > seems serious? >> >> Very... Fortunately that's libssh and not OpenSSH[0], but with that said, >> it does appear to be packaged in Guix and there are a couple packages >> that use it. Ha, sorry for the scare. > Patch at Yay, thanks Leo!