[Secure-testing-commits] r31714 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Tue Jan 27 05:27:32 UTC 2015


Author: carnil
Date: 2015-01-27 05:27:32 +0000 (Tue, 27 Jan 2015)
New Revision: 31714

Modified:
   data/CVE/list
Log:
Add fixed version for CVE-2014-8132/libssh, #773577

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-26 23:45:34 UTC (rev 31713)
+++ data/CVE/list	2015-01-27 05:27:32 UTC (rev 31714)
@@ -7491,7 +7491,7 @@
 	- linux-2.6 <removed>
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=41bdc78544b8a93a9c6814b8bbbfef966272abbe
 CVE-2014-8132 (Double free vulnerability in the ssh_packet_kexinit function in kex.c ...)
-	- libssh <unfixed> (bug #773577)
+	- libssh 0.6.3-4 (bug #773577)
 	[wheezy] - libssh <no-dsa> (Minor issue)
 	[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
 	NOTE: http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/




More information about the Secure-testing-commits mailing list