[Secure-testing-commits] r9094 - data/DSA

[fw at alioth.debian.org]

Author: fw
Date: 2008-06-17 19:53:04 +0000 (Tue, 17 Jun 2008)
New Revision: 9094

Modified:
   data/DSA/list
Log:
DSA-1576-1: Do not mark openssh as vulnerable


Modified: data/DSA/list
===================================================================
--- data/DSA/list	2008-06-17 19:53:00 UTC (rev 9093)
+++ data/DSA/list	2008-06-17 19:53:04 UTC (rev 9094)
@@ -65,7 +65,9 @@
 	[etch] - gforge 4.5.14-22etch8
 [14 May 2008] DSA-1576-1 openssh openssh-blacklist - predictable randomness
 	{CVE-2007-4752 CVE-2008-0166 CVE-2008-1483 CVE-2008-2285}
-	[etch] - openssh 1:4.3p2-9etch2
+	NOTE: [etch] - openssh 1:4.3p2-9etch2
+	NOTE: The package should not be flagged as vulnerable because this is just
+	NOTE: a band-aid for DSA-1571-1.
 [12 May 2008] DSA-1575-1 linux-2.6 - denial of service
 	{CVE-2008-1669}
 	[etch] - linux-2.6 2.6.18.dfsg.1-18etch4