[Secure-testing-commits] r36014 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Aug 12 14:09:17 UTC 2015
Author: carnil
Date: 2015-08-12 14:09:16 +0000 (Wed, 12 Aug 2015)
New Revision: 36014
Modified:
data/CVE/list
Log:
Update information on openssh issue
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-12 13:44:59 UTC (rev 36013)
+++ data/CVE/list 2015-08-12 14:09:16 UTC (rev 36014)
@@ -1,8 +1,8 @@
CVE-2015-XXXX [Incorrectly set TTYs to be world-writable]
- - openssh <unfixed>
+ - openssh <not-affected> (Vulnerable code introduce in V_6_8_P1)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=6f941396b6835ad18018845f515b0c4fe20be21a
+ NOTE: Issue introduced with https://anongit.mindrot.org/openssh.git/commit/?id=a5883d4eccb94b16c355987f58f86a7dee17a0c2 (V_6_8_P1)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/12/1
- TODO: check
CVE-2015-XXXX [Privilege separation weakness related to PAM support]
- openssh <unfixed>
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
More information about the Secure-testing-commits
mailing list