... darkrealms ...

Forums before death by AOL, social media and spammers... "We can't have nice things"

comp.os.vms

DEC's VAX* line of computers & VMS.

264,096 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 263,286 of 264,096

Craig A. Berry to Simon Clubley

Re: OpenSSH Version 9.9-2 for VSI OpenVM

08 Sep 25 12:58:54

   From: craigberry@nospam.mac.com   
      
   On 9/8/25 12:47 PM, Simon Clubley wrote:   
   > On 2025-09-08, Arne Vajhøj  wrote:   
   >> For those that have not read the release notes - you should,   
   >> because:   
   >>   
   >>    
   >> OpenSSH Version 9.9-2 for VSI OpenVMS Release Notes and Installation Guide   
   >> 2.3. Known Problems and Restrictions   
   >> ...   
   >> ? Using the SET TERMINAL/WIDTH=value command to resize your PuTTY   
   >> terminal window   
   >> (even as part of your LOGIN.COM) will cause the session to terminate.   
   >>    
   >>   
   >   
   > JFC, how the hell is it considered acceptable to ship something which   
   > has a bug like _that_ in it ? :-( That should be a P1 blocker if discovered   
   > before release and should have resulted in the kit been pulled if   
   > discovered after release.   
      
   One of the fixes mentions a CVE related to X11 forwarding, so they may   
   have felt they had to get it out there sooner rather than later even if   
   it had known problems.   
      
      
   > Next question: _what_ causes the session to terminate and is it   
   > exploitable or (hopefully) just a session crasher ?   
   >   
   > Is it a supervisor or executive mode bugcheck or something which just   
   > causes a crash/bugcheck in the OpenSSH code ?   
   >   
   > Simon.   
   >   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)

[ << oldest | < older | list | newer > | newest >> ]