[Secure-testing-commits] r9479 - data/CVE

thijs at alioth.debian.org thijs at alioth.debian.org
Thu Jul 31 09:38:14 UTC 2008


Author: thijs
Date: 2008-07-31 09:38:13 +0000 (Thu, 31 Jul 2008)
New Revision: 9479

Modified:
   data/CVE/list
Log:
openssh issue is by design


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-07-31 09:14:16 UTC (rev 9478)
+++ data/CVE/list	2008-07-31 09:38:13 UTC (rev 9479)
@@ -244,7 +244,8 @@
 CVE-2008-3235 (Unspecified vulnerability in the PropFilePasswordEncoder utility in ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2008-3234 (sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH ...)
-	TODO: check
+	- openssh <unfixed> (unimportant)
+	NOTE: this is by design
 CVE-2008-3233 (Cross-site scripting (XSS) vulnerability in WordPress before 2.6, SVN ...)
 	- wordpress <not-affected> (Code was only present in svn versions)
 CVE-2008-3232 (Unspecified vulnerability in dotclear before 1.2.8 has unknown impact ...)




More information about the Secure-testing-commits mailing list