Hi, In 7.3 release notes: https://www.openssh.com/txt/release-7.3 We have 5 security related fixes, however CVE # has been assigned to only 2 of them (CVE-2016-6210 and CVE-2015-8325). Does that mean the other 3 are non security related fixes ? When does a security fix qualify to be a assigned a CVE # ? Thanks Regards Sandeep _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev