[Secure-testing-commits] r9835 - data/CVE
joeyh at alioth.debian.org
joeyh at alioth.debian.org
Tue Sep 16 21:14:15 UTC 2008
Author: joeyh
Date: 2008-09-16 21:14:14 +0000 (Tue, 16 Sep 2008)
New Revision: 9835
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-09-16 21:01:22 UTC (rev 9834)
+++ data/CVE/list 2008-09-16 21:14:14 UTC (rev 9835)
@@ -1,5 +1,5 @@
CVE-2008-4109 [unsafe sigdie function called by signal handler]
- {CVE-2006-5051}
+ {DSA-1638-1 CVE-2006-5051}
- openssh 1:4.6p1-1 (low)
NOTE: The patch backported for CVE-2006-5051 was incorrect and did not
NOTE: fully address the issue. The upstream fix in 4.4p1 was
@@ -31225,7 +31225,7 @@
[etch] - openssh <no-dsa> (Minor issue)
- openssh 1:4.6p1-1 (low)
CVE-2006-5051 (Signal handler race condition in OpenSSH before 4.4 allows remote ...)
- {DSA-1212 DSA-1189-1}
+ {DSA-1638-1 DSA-1212 DSA-1189-1}
- openssh 1:4.6p1-1 (low)
- openssh-krb5 <removed> (high)
NOTE: From my analysis only openssh with Kerberos support should be vulnerable
More information about the Secure-testing-commits
mailing list