Thanks all,

For what its worth, this bug is fixed in openssh-5.3p1-83.el6 which 
seems to be available now in sl6x-fastbugs

-- 
Steven Haigh

Email: [log in to unmask]
Web: http://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897
Fax: (03) 8338 0299

On 9/11/2012 2:54 AM, Connie Sieh wrote:
> On Thu, 8 Nov 2012, Pat Riehecky wrote:
>
>> On 11/08/2012 07:59 AM, Steven Haigh wrote:
>>> Hi all,
>>>
>>> I'm currently working through an issue with OpenSSH in 6.3.
>>>
>>> Relevant bugzilla entries:
>>> Fedora 18: https://bugzilla.redhat.com/show_bug.cgi?id=872608
>>> EL6: https://bugzilla.redhat.com/show_bug.cgi?id=869903
>>>
>>> I'm a bit curious how stuff gets into the fastbugs or testing repos
>>> for SL. Are these the same source repos that TUV uses for the same
>>> repo names?
>>>
>>> When this does get fixed and confirmed, I'm going to try and chase it
>>> through the EL6 chains as well as F18.
>>>
>>
>> Items in the 'fastbugs' repo are packages released by upstream which
>> do not address a security issue and are not part of a point release.
>> These are primarily bugfix and enhancement packages.  Some packages
>> developed by Scientific Linux are also considered fastbugs, depending
>> on when they were developed and how quickly they should be released.
>
> Fastbugs trys to "follow" the "FastTrack" channel of RHEL.
>
>>
>> Packages in the 'testing' repo are packages that we feel could benefit
>> from some additional testing before being merged with the main trees.
>> This is handled on a case by case basis, so it is difficult to provide
>> an exact description.  For upstream packages, these packages are
>> typically built from the publicly released source.  For example, when
>> firefox moved from the 3 series to the 10 series, the firefox packages
>> were placed in testing first. Similarly, the security errata released
>> as a part of the upstream 6.3 release went into testing before being
>> merged into the main SL trees.
>>
>> I hope this has been helpful.
>>
>> Pat
>>
>>
>
> -Connie Sieh