[Secure-testing-commits] r39841 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 23 13:36:48 UTC 2016
Author: carnil
Date: 2016-02-23 13:36:48 +0000 (Tue, 23 Feb 2016)
New Revision: 39841
Modified:
data/CVE/list
Log:
Add bug references for libssh and libssh2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-23 13:26:28 UTC (rev 39840)
+++ data/CVE/list 2016-02-23 13:36:48 UTC (rev 39841)
@@ -5317,7 +5317,7 @@
CVE-2016-0788
RESERVED
CVE-2016-0787 [Weak Diffie-Hellman secret generation in libssh2 before 1.7.0]
- - libssh2 <unfixed>
+ - libssh2 <unfixed> (bug #815662)
NOTE: Upstream fix: https://github.com/libssh2/libssh2/commit/ca5222ea819cc5ed797860070b4c6c1aeeb28420
NOTE: Upstream patch only fixes DH SHA-256 key exchange type, not DH SHA-1
CVE-2016-0786
@@ -5493,7 +5493,7 @@
NOTE: Fixed by: https://github.com/python-pillow/Pillow/commit/6dcbf5bd96b717c58d7b642949da8d323099928e (3.1.1)
NOTE: Introduced by: https://github.com/python-pillow/Pillow/commit/e782fe721e0156de9636e78cd881d9f9e7e6ce50 (2.0.0)
CVE-2016-0739 [Weak Diffie-Hellman secret generation in libssh]
- - libssh <unfixed>
+ - libssh <unfixed> (bug #815663)
NOTE: Upstream fix: https://git.libssh.org/projects/libssh.git/commit/?h=v0-7&id=f8d0026c65fc8a55748ae481758e2cf376c26c86
CVE-2016-0738 (OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x ...)
- swift 2.5.0-3 (bug #812984)
More information about the Secure-testing-commits
mailing list