[Secure-testing-commits] r34090 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed May 6 05:01:08 UTC 2015
Author: carnil
Date: 2015-05-06 05:01:07 +0000 (Wed, 06 May 2015)
New Revision: 34090
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2015-3146/libssh
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-05-06 03:32:06 UTC (rev 34089)
+++ data/CVE/list 2015-05-06 05:01:07 UTC (rev 34090)
@@ -1182,7 +1182,8 @@
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-3146 [null pointer dereference due to a logical error in the handling of a SSH_MSG_NEWKEYS and KEXDH_REPLY packets]
RESERVED
- - libssh <unfixed>
+ - libssh <unfixed> (bug #784404)
+ [squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
CVE-2015-3145 (The sanitize_cookie_path function in cURL and libcurl 7.31.0 through ...)
- curl 7.42.0-1
More information about the Secure-testing-commits
mailing list