* dann frazier:
Micah, Thanks for detecting this; however, I don't think
systemimager-ssh is vulnerable.
Thanks for investigating this.
Unfortunately, compression is not a build-time option for openssh, so it
would be somewhat invasive to remove the unused zlib library.
This is
Micah, Thanks for detecting this; however, I don't think
systemimager-ssh is vulnerable.
systemimager-ssh includes its own copy of zlib because of a dependency
in the ssh binary it builds. These binaries are downloaded by a client
system and used to set up a tunnel to the server. The ssh
2 matches
Mail list logo
