tags 774769 + upstream forwarded 774769 https://github.com/lavv17/lftp/issues/116 thanks
Hello Marcin, Am Mittwoch, den 07.01.2015, 12:39 +0100 schrieb Marcin Szewczyk: > From the src/SSH_Access.cc file: > 47: const char *y="(yes/no)?"; > 73: if(s>=y_len && !strncasecmp(b+s-y_len,y,y_len)) > 74: { > 75: pty_recv_buf->Put("yes\n"); > 76: pty_send_buf->Put("yes\n"); > 77: return m; > 78: } > > Not only does it make a particular SFTP file transfer insecure, but also > any future connection via any SSH client. ... Thanks for your report. I agree the user should be asked and forwarded your report to the upstream issue tracker. Regards Noël -- Noël Köthe <noel debian.org> Debian GNU/Linux, www.debian.org
signature.asc
Description: This is a digitally signed message part