[Secure-testing-commits] r35706 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jul 25 15:30:27 UTC 2015


Author: carnil
Date: 2015-07-25 15:30:27 +0000 (Sat, 25 Jul 2015)
New Revision: 35706

Modified:
   data/CVE/list
Log:
Update information for CVE-2015-5600/openssh

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-25 14:41:32 UTC (rev 35705)
+++ data/CVE/list	2015-07-25 15:30:27 UTC (rev 35706)
@@ -58,7 +58,10 @@
 	RESERVED
 	- openssh <unfixed>
 	NOTE: http://seclists.org/fulldisclosure/2015/Jul/92
-	TODO: check
+	NOTE: Affects configurations that have KbdInteractiveAuthentication set
+	NOTE: to yes. Default for KbdInteractiveAuthentication is to use whatever
+	NOTE: value ChallengeResponseAuthentication is set to, which is 'no' in
+	NOTE: default configurations in Debian.
 CVE-2015-5599
 	RESERVED
 CVE-2015-5598




More information about the Secure-testing-commits mailing list