[Secure-testing-commits] r39843 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 23 15:38:40 UTC 2016
Author: carnil
Date: 2016-02-23 15:38:40 +0000 (Tue, 23 Feb 2016)
New Revision: 39843
Modified:
data/CVE/list
Log:
Remove no-dsa tagged entries for two CVEs for libssh
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-23 15:32:27 UTC (rev 39842)
+++ data/CVE/list 2016-02-23 15:38:40 UTC (rev 39843)
@@ -22896,7 +22896,6 @@
RESERVED
- libssh 0.6.3-4.2 (bug #784404)
[jessie] - libssh 0.6.3-4+deb8u1
- [wheezy] - libssh <no-dsa> (Minor issue)
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
CVE-2015-3145 (The sanitize_cookie_path function in cURL and libcurl 7.31.0 through ...)
@@ -36970,7 +36969,6 @@
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=41bdc78544b8a93a9c6814b8bbbfef966272abbe
CVE-2014-8132 (Double free vulnerability in the ssh_packet_kexinit function in kex.c ...)
- libssh 0.6.3-4 (bug #773577)
- [wheezy] - libssh <no-dsa> (Minor issue)
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/
NOTE: Upstream patch: http://git.libssh.org/projects/libssh.git/commit/?id=c2aed4ca78030d9014a890cb4370e6dc8264823f
More information about the Secure-testing-commits
mailing list