[Secure-testing-commits] r39405 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Mon Feb 1 22:20:54 UTC 2016
Author: anarcat
Date: 2016-02-01 22:20:54 +0000 (Mon, 01 Feb 2016)
New Revision: 39405
Modified:
data/CVE/list
Log:
fixup: add link to openssh thread to explain better
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-01 22:19:32 UTC (rev 39404)
+++ data/CVE/list 2016-02-01 22:20:54 UTC (rev 39405)
@@ -1106,6 +1106,7 @@
NOTE: https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034684.html
NOTE: Red Hat Bugzilla entry: https://bugzilla.redhat.com/show_bug.cgi?id=1298741
NOTE: vulnerability is partly due to /etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 1:7.6+9 (wheezy and up)
+ NOTE: https://lists.debian.org/debian-lts/2016/01/msg00029.html
CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 ...)
- openssh 1:7.1p2-1
[jessie] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
More information about the Secure-testing-commits
mailing list