openSSH Vulnerability

[Bruce Halco]

openSSH 7.9 is subject to vulnerability CVE-2019-6111. This has been 
fixed in at least some distributions, Debian at least.

As the cygwin openSSH files are all dated October, 2018, it seems clear 
that the fix has not yet been applied to cygwin.

Are there plans to address this?

Thanks.

Bruce




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple