[Secure-testing-commits] r39838 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 23 13:16:35 UTC 2016
Author: carnil
Date: 2016-02-23 13:16:35 +0000 (Tue, 23 Feb 2016)
New Revision: 39838
Modified:
data/CVE/list
Log:
Add reference to upstream fix for libssh2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-23 13:15:06 UTC (rev 39837)
+++ data/CVE/list 2016-02-23 13:16:35 UTC (rev 39838)
@@ -5318,6 +5318,7 @@
RESERVED
CVE-2016-0787 [Weak Diffie-Hellman secret generation in libssh2 before 1.7.0]
- libssh2 <unfixed>
+ NOTE: Upstream fix: https://github.com/libssh2/libssh2/commit/ca5222ea819cc5ed797860070b4c6c1aeeb28420
NOTE: Upstream patch only fixes DH SHA-256 key exchange type, not DH SHA-1
CVE-2016-0786
RESERVED
More information about the Secure-testing-commits
mailing list