A flaw was found in OpenSSH versions from 5.9 (September 6, 2011) to the recently released 7.8 (August 24, 2018), inclusive. A remotely observable behaviour in auth-gss2.c could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. Similar to CVE-2018-15473 (it is not a timing attack)
Created openssh tracking bugs for this issue:
Affects: fedora-all [bug 1623185]
Hi everyone, Will this cve be fixed in redhat7 ?
looking for your reply.Thanks.