As I understand this bug, I think the vulnerability is a bit convoluted and is not something we should try to address in Ubuntu without upstream. If you feel strongly about this issue, I encourage you to file a bug with upstream OpenSSH.
** Changed in: openssh (Ubuntu) Assignee: Jamie Strandboge (jdstrand) => (unassigned) ** Changed in: openssh (Ubuntu) Status: Incomplete => Won't Fix -- ssh offers without question all your keys to any server https://bugs.launchpad.net/bugs/505493 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs