Package: openssh Severity: grave Tags: security Justification: user security hole
Please see http://www.openssh.com/txt/gcmrekey.adv No CVE ID has been assigned yet. AES-GCM support was introduced in 6.2, so oldstable and stable should be fine (from http://www.openssh.com/txt/release-6.2): | * ssh(1)/sshd(8): Added support for AES-GCM authenticated encryption in | SSH protocol 2. The new cipher is available as [email protected] | and [email protected]. It uses an identical packet format to the | AES-GCM mode specified in RFC 5647, but uses simpler and different | selection rules during key exchange. Cheers, Moritz _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
