[Secure-testing-commits] r5123 - data/CVE
Luk Claes
luk at alioth.debian.org
Fri Dec 15 12:24:25 CET 2006
Author: luk
Date: 2006-12-15 12:24:23 +0100 (Fri, 15 Dec 2006)
New Revision: 5123
Modified:
data/CVE/list
Log:
openssh-krb5 removed (from unstable)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2006-12-15 10:27:05 UTC (rev 5122)
+++ data/CVE/list 2006-12-15 11:24:23 UTC (rev 5123)
@@ -3097,7 +3097,7 @@
CVE-2006-5051 (Signal handler race condition in OpenSSH before 4.4 allows remote ...)
{DSA-1212 DSA-1189-1}
- openssh 1:4.3p2-4 (unimportant)
- - openssh-krb5 <unfixed> (high)
+ - openssh-krb5 <removed> (high)
NOTE: From my analysis only openssh with Kerberos support should be vulnerable
NOTE: However, we'll fix openssh as well just to make sure
CVE-2006-5050 (Directory traversal vulnerability in httpd in Rob Landley BusyBox ...)
@@ -20132,7 +20132,7 @@
CVE-2005-2798 (sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, ...)
- openssh 1:4.2p1-1 (bug #326065; unimportant)
NOTE: Not enabled in the binary build, see #326065
- - openssh-krb5 <unfixed> (bug #327233; medium)
+ - openssh-krb5 <removed> (bug #327233; medium)
[sarge] - openssh-krb5 <no-dsa> (Intended bahaviour, see #327233)
CVE-2005-2797 (OpenSSH 4.0, and other versions before 4.2, does not properly handle ...)
- openssh 1:4.2p1-1 (bug #326065; unimportant)
More information about the Secure-testing-commits
mailing list