[Secure-testing-commits] r31714 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Jan 27 05:27:32 UTC 2015
Author: carnil
Date: 2015-01-27 05:27:32 +0000 (Tue, 27 Jan 2015)
New Revision: 31714
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2014-8132/libssh, #773577
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-26 23:45:34 UTC (rev 31713)
+++ data/CVE/list 2015-01-27 05:27:32 UTC (rev 31714)
@@ -7491,7 +7491,7 @@
- linux-2.6 <removed>
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=41bdc78544b8a93a9c6814b8bbbfef966272abbe
CVE-2014-8132 (Double free vulnerability in the ssh_packet_kexinit function in kex.c ...)
- - libssh <unfixed> (bug #773577)
+ - libssh 0.6.3-4 (bug #773577)
[wheezy] - libssh <no-dsa> (Minor issue)
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/
More information about the Secure-testing-commits
mailing list