Holger Levsen wrote:
> https://github.com/hdm/juniper-cve-2015-7755/tree/master/firmware has links
> to
> the actual firmware images, I would appreciate if someone could throw them
> against (my.)diffoscope.org and share the links…!
Oh, didn't think of that! It may be a nice demo of
Hi,
One of the reproducible builds talk slides, showed a diff of OpenSSH
before and after some off-by-one vulnerability was fixed.
Here's a real-world malicious backdoor in Juniper ScreenOS's sshd:
https://community.rapid7.com/servlet/JiveServlet/showImage/38-7376-36434/ssh.png
The yellow
Hi Steven,
On Montag, 21. Dezember 2015, Steven Chamberlain wrote:
> One of the reproducible builds talk slides, showed a diff of OpenSSH
> before and after some off-by-one vulnerability was fixed.
>
> Here's a real-world malicious backdoor in Juniper ScreenOS's sshd:
>
Steven Chamberlain wrote:
> I uploaded the firmwares here but I think something broke... it has been
> "in queue, please wait" for over an hour :( The files were 25MB each.
> https://try.diffoscope.org/quvzskqbuysh
Okay, I did eventually finish. As suspected, diffoscope (or file or
binutils)
Hi,
Chris Lamb wrote:
> It actually finished in about 2 seconds but there was just a small bug:
>
> https://github.com/lamby/trydiffoscope/commit/3ed0ba502bf3f89d4c0599e3bcd390b3bb40f9f2
Thanks! And I was just about to point out the typo, but...