[Secure-testing-commits] r23251 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Thu Aug 8 13:50:36 UTC 2013
Author: carnil
Date: 2013-08-08 13:50:36 +0000 (Thu, 08 Aug 2013)
New Revision: 23251
Modified:
data/CVE/list
Log:
adjust description for CVE-2011-4607 and add reference
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-08-08 11:56:45 UTC (rev 23250)
+++ data/CVE/list 2013-08-08 13:50:36 UTC (rev 23251)
@@ -31256,9 +31256,10 @@
[squeeze] - eglibc 2.11.3-4
CVE-2011-4608 (mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
-CVE-2011-4607 [http://seclists.org/oss-sec/2011/q4/500]
+CVE-2011-4607 [Passwords left in memory using SSH keyboard-interactive auth]
RESERVED
- putty 0.62-1 (unimportant)
+ NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/password-not-wiped.html
NOTE: Hardening measure, not a vulnerability
CVE-2011-4606 (Artsoft Entertainment Rocks'n'Diamonds (aka rocksndiamonds) 3.3.0.1 ...)
- rocksndiamonds 3.3.0.1+dfsg1-2.2 (bug #651620)
More information about the Secure-testing-commits
mailing list