Hi, I'm currently trying to tackle the CVE about passing credentials to redirected servers. I wonder if it may be necessary to be able to disable this feature, if one trusts the servers, ie if some kind of command-line option might be necessary.
Josef -- SUSE Software Solutions Germany GmbH Maxfeldstr. 5 90409 Nürnberg Germany (HRB 36809, AG Nürnberg) Geschäftsführer: Felix Imendörffer