Red Hat Bugzilla – Bug 1017982
CVE-2013-4434 dropbear: user disclosure via authentication failure delays
Last modified: 2015-07-31 03:11:08 EDT
It was reported  that versions of dropbear prior to 2013.59 suffered from a flaw where it would disclose the existence of valid users due to inconsistent delays on authentication failures.
This has been fixed in git . A CVE assignment is pending .
Created dropbear tracking bugs for this issue:
Affects: fedora-all [bug 1017985]
Affects: epel-all [bug 1017986]
Can I close it now?
Closing, thank you!