Daniel Kahn Gillmor
2010-Sep-29 17:24 UTC
[Secure-testing-team] libpam-ssh embeds code from OpenSSH.
hi testing team--- more grist for the EmbeddedCodeCopies mill: libpam-ssh embeds at least authfile.c from OpenSSH, including code that deals with sensitive cryptographic material :( I just filed http://bugs.debian.org/598522 about it. thanks, --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 900 bytes Desc: OpenPGP digital signature URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20100929/7506431f/attachment.pgp>