[Secure-testing-commits] r36215 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Aug 20 12:42:43 UTC 2015
Author: jmm
Date: 2015-08-20 12:42:43 +0000 (Thu, 20 Aug 2015)
New Revision: 36215
Modified:
data/CVE/list
Log:
openssh fixed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-20 12:17:21 UTC (rev 36214)
+++ data/CVE/list 2015-08-20 12:42:43 UTC (rev 36215)
@@ -14,7 +14,7 @@
CVE-2015-6516 (SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier ...)
TODO: check
CVE-2015-6515 (Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk ...)
- TODO: check
+ NOT-FOR-US: Splunk
CVE-2015-6514 (Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk ...)
TODO: check
CVE-2015-6513 (Multiple SQL injection vulnerabilities in the J2Store (com_j2store) ...)
@@ -1208,14 +1208,14 @@
NOTE: Issue introduced with https://anongit.mindrot.org/openssh.git/commit/?id=a5883d4eccb94b16c355987f58f86a7dee17a0c2 (V_6_8_P1)
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/12/1
CVE-2015-XXXX [Privilege separation weakness related to PAM support]
- - openssh <unfixed> (low; bug #795711)
+ - openssh 1:6.9p1-1 (bug #795711)
[jessie] - openssh <no-dsa> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)
[squeeze] - openssh <no-dsa> (Minor issue)
NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/08/11/9
CVE-2015-XXXX [Use-after-free bug related to PAM support]
- - openssh <unfixed> (low; bug #795711)
+ - openssh 1:6.9p1-1 (bug #795711)
[jessie] - openssh <no-dsa> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)
[squeeze] - openssh <no-dsa> (Minor issue)
@@ -2140,7 +2140,7 @@
RESERVED
CVE-2015-5600 (The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH ...)
{DLA-288-1}
- - openssh <unfixed> (bug #793616)
+ - openssh 1:6.9p1-1 (bug #793616)
[jessie] - openssh <no-dsa> (Minor issue; not in default configurations)
[wheezy] - openssh <no-dsa> (Minor issue; not in default configurations)
NOTE: http://seclists.org/fulldisclosure/2015/Jul/92
@@ -3501,7 +3501,7 @@
NOTE: http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi
CVE-2015-5352 (The x11_open_helper function in channels.c in ssh in OpenSSH before ...)
{DLA-288-1}
- - openssh <unfixed> (bug #790798)
+ - openssh 1:6.9p1-1 (bug #790798)
[jessie] - openssh <no-dsa> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: http://www.openwall.com/lists/oss-security/2015/07/01/7
More information about the Secure-testing-commits
mailing list