OpenSSH: client bug CVE-2016-0777 and CVE-2016-0778
Gordon Messmer
gordon.messmer at gmail.com
Fri Jan 15 16:48:34 UTC 2016
On 01/15/2016 03:51 AM, Tim wrote:
> This shows just one advantage of doing fresh installs, instead of
> updates. Those of use who do fresh installs, won't have old keys from
> prior releases still on our systems.
"Your keys" means your private authentication keys. The ones in
~/.ssh. If you keep or restore your home directory, it doesn't matter
if you do a fresh install or an upgrade. I have a hard time imagining
any significant number of people disposing of all of their data every
time they update Fedora.
More information about the users
mailing list