Subject: Does the FreeBSD S/Key vulnerability apply to NetBSD?
To: None <current-users@NetBSD.ORG>
From: John F. Woods <firstname.lastname@example.org>
Date: 06/15/1995 14:25:47
CERT just released a report of a security hole in the S/Key package apparantly
as ported to FreeBSD by Wietse Venema (CERT Vendor-Initiated Bulletin VB-95:04,
<1995Jun14.email@example.com> in comp.security.announce). The text
makes it look like the problem is specific to his version, and I don't see his
name anywhere in src/lib/libskey, but I thought it would be worthwhile to
explicitly ask if NetBSD's libskey fails to include this problem.