From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-apps-return-37001-listarch-cygwin-apps=sources.redhat.com@cygwin.com>
Received: (qmail 21540 invoked by alias); 11 Feb 2016 03:59:40 -0000
Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm
Precedence: bulk
Sender: cygwin-apps-owner@cygwin.com
List-Id: <cygwin-apps.cygwin.com>
List-Subscribe: <mailto:cygwin-apps-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin-apps/>
List-Post: <mailto:cygwin-apps@cygwin.com>
List-Help: <mailto:cygwin-apps-help@cygwin.com>, <http://sourceware.org/lists.html#faqs>
Mail-Followup-To: cygwin-apps@cygwin.com
Received: (qmail 21528 invoked by uid 89); 11 Feb 2016 03:59:39 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=2.0 required=5.0 tests=AWL,BAYES_50,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=Hx-spam-relays-external:sk:BAY004-, H*RU:sk:BAY004-, H*r:sk:BAY004-, H*RU:sk:bay004-
X-HELO: BAY004-OMC4S10.hotmail.com
Received: from bay004-omc4s10.hotmail.com (HELO BAY004-OMC4S10.hotmail.com) (65.54.190.212) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-SHA256 encrypted) ESMTPS; Thu, 11 Feb 2016 03:59:39 +0000
Received: from BAY169-W83 ([65.54.190.201]) by BAY004-OMC4S10.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008);	 Wed, 10 Feb 2016 19:59:38 -0800
X-TMN: [4Ca1YcKIaeP6JUsVr2+vxll4kgd56GZN]
Message-ID: <BAY169-W8343B71FCE33C37B2C4219A7A80@phx.gbl>
From: Tony Kelman <tony@kelman.net>
To: "cygwin-apps@cygwin.com" <cygwin-apps@cygwin.com>
Subject: RE: [SECURITY] p7zip: CVE-2015-1038
Date: Thu, 11 Feb 2016 03:59:00 -0000
In-Reply-To: <87twlgwfsp.fsf@Rainer.invalid>
References: <56AB9A3F.3040808@cygwin.com>	<BAY169-W135C2459F190107A746FE76A7DB0@phx.gbl>	<BAY169-W401D7F793D3E837DBF61F5A7DC0@phx.gbl>	<BAY169-W408B5913ECB16EC67C8CD4A7DC0@phx.gbl>	<20160208135409.GI27646@calimero.vinschen.de>	<BAY169-W61D70AFE36EB965B52B599A7D60@phx.gbl>,<87twlgwfsp.fsf@Rainer.invalid>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-IsSubscribed: yes
X-SW-Source: 2016-02/txt/msg00027.txt.bz2

> What means "NMU"?

Sorry, that's a Debian term for "non-maintainer upload." I don't know
if we ever do those in Cygwin?

> Recently the default configuration has been changed to only have hashes
> in that file. You could change it back or use ssh management commands
> to remove the existing entries for sourceware or cygwin that are hashed
> into the file.

I'm not very familiar with the intricacies of ssh auth options, as you
can probably guess. I tried removing ~/.ssh/known_hosts (backing up to
a different file name) but no change. Is there a cygport or sftp or ssh
option via command line or environment variable that I can set for more
verbose debugging output that might tell us what's going on here?

Thanks,
Tony

=20=09=09=20=09=20=20=20=09=09=20=20