[Secure-testing-commits] r7130 - data/CVE
nion at alioth.debian.org
nion at alioth.debian.org
Sun Oct 28 15:56:34 UTC 2007
Author: nion
Date: 2007-10-28 15:56:33 +0000 (Sun, 28 Oct 2007)
New Revision: 7130
Modified:
data/CVE/list
Log:
CVE-2007-3102 openssh-server not-affected, see notes
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-10-28 15:44:18 UTC (rev 7129)
+++ data/CVE/list 2007-10-28 15:56:33 UTC (rev 7130)
@@ -6613,7 +6613,10 @@
{DSA-1342-1}
- xfs 1:1.0.4-2
CVE-2007-3102 (Unspecified vulnerability in the linux_audit_record_event function in ...)
- TODO: check
+ - openssh-server <not-affected> (This is a redhat/fedora specific issue)
+ NOTE: this issue was introduced by a patch of redhat (openssh-4.3p1-audit.patch)
+ NOTE: The patch fixing this (openssh-4.3p2-cve-2007-3102.patch) can be found on:
+ NOTE: http://mirror.linux.duke.edu/pub/fedora/linux/core/updates/6/SRPMS/openssh-4.3p2-25.fc6.src.rpm
CVE-2007-3101 (Multiple cross-site scripting (XSS) vulnerabilities in certain JSF ...)
NOT-FOR-US: Apache MyFaces Tomahawk
CVE-2007-3100 (usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before ...)
More information about the Secure-testing-commits
mailing list