[Secure-testing-commits] r39404 - in data: . CVE

[Antoine Beaupré]

Author: anarcat
Date: 2016-02-01 22:19:32 +0000 (Mon, 01 Feb 2016)
New Revision: 39404

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
mark the openssh issue as solved, as with wheezy and jessie

it is not worth trying to reproduce it in squeeze if we disable untrusted connexions by default anyways

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-02-01 21:47:10 UTC (rev 39403)
+++ data/CVE/list	2016-02-01 22:19:32 UTC (rev 39404)
@@ -1099,13 +1099,13 @@
 	- openssh <unfixed>
 	[jessie] - openssh <no-dsa> (Minor issue)
 	[wheezy] - openssh <no-dsa> (Minor issue)
+	[squeeze] - openssh <no-dsa> (Minor issue)
 	NOTE: Upstream commit: https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
 	NOTE: which needs to be applied after: https://anongit.mindrot.org/openssh.git/commit/?id=f98a09cacff7baad8748c9aa217afd155a4d493f
 	NOTE: Background information on X11 SECURITY extension and SSH: https://thejh.net/written-stuff/openssh-6.8-xsecurity
 	NOTE: https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034684.html
 	NOTE: Red Hat Bugzilla entry: https://bugzilla.redhat.com/show_bug.cgi?id=1298741
 	NOTE: vulnerability is partly due to /etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 1:7.6+9 (wheezy and up)
-	TODO: check if squeeze is vulnerable
 CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 ...)
 	- openssh 1:7.1p2-1
 	[jessie] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2016-02-01 21:47:10 UTC (rev 39403)
+++ data/dla-needed.txt	2016-02-01 22:19:32 UTC (rev 39404)
@@ -65,8 +65,6 @@
 --
 openjdk-6 (Markus Koschany)
 --
-openssh (Guido Günther)
---
 php5 (Thorsten Alteholz)
   NOTE: next upload end of December
 --