Subject: Re: [PINE-CERT-20020301] OpenSSH off-by-one
To: <>
From: Jan Schaumann <>
List: netbsd-users
Date: 03/08/2002 09:16:04
Dave Huang <> wrote:
> On Thu, 7 Mar 2002, Brian A. Seklecki wrote:
> > It just got commited (i imagine the 1-5 branch will be brought up, too).
> > I imagine this warrants a security advisory?
> I just cvs'd -current and tried to compile, and it's bombing out in the
> sftp directory:
> /usr/tools/bin/alpha--netbsd-gcc -O2 -pipe -mcpu=ev56 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wno-uninitialized  -Werror  -I/usr/src.local/usr.bin/ssh/sftp/../../../crypto/dist/ssh -DHAVE_LOGIN_CAP -nostdinc -isystem /usr/include  -c /usr/src.local/usr.bin/ssh/sftp/../../../crypto/dist/ssh/sftp-client.c
> cc1: warnings being treated as errors
> /usr/src.local/usr.bin/ssh/sftp/../../../crypto/dist/ssh/sftp-client.c: In function `do_download':
> /usr/src.local/usr.bin/ssh/sftp/../../../crypto/dist/ssh/sftp-client.c:821: warning: long long unsigned int format, u_int64_t arg (arg 2)
> [ a couple more format warnings ]

This is a _warning_ - this should not cause the compile to fail, no?
What is/are the error-messages?

Please do not CC me when replying to messages on a Mailing List.
See Mail-Followup-To header (above) and