[Secure-testing-commits] r35710 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jul 25 15:34:56 UTC 2015
Author: carnil
Date: 2015-07-25 15:34:55 +0000 (Sat, 25 Jul 2015)
New Revision: 35710
Modified:
data/CVE/list
Log:
Mark CVE-2015-5600 as no-dsa for wheezy and jessie (left squeeze since it is in dla-needed)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-25 15:34:47 UTC (rev 35709)
+++ data/CVE/list 2015-07-25 15:34:55 UTC (rev 35710)
@@ -57,6 +57,8 @@
CVE-2015-5600 [authentication limits bypass]
RESERVED
- openssh <unfixed> (bug #793616)
+ [jessie] - openssh <no-dsa> (Minor issue; not in default configurations)
+ [wheezy] - openssh <no-dsa> (Minor issue; not in default configurations)
NOTE: http://seclists.org/fulldisclosure/2015/Jul/92
NOTE: Affects configurations that have KbdInteractiveAuthentication set
NOTE: to yes. Default for KbdInteractiveAuthentication is to use whatever
More information about the Secure-testing-commits
mailing list