[Secure-testing-commits] r39846 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Feb 23 16:17:13 UTC 2016
Author: carnil
Date: 2016-02-23 16:17:09 +0000 (Tue, 23 Feb 2016)
New Revision: 39846
Modified:
data/CVE/list
Log:
Add entries for fixes which will be included in libssh DSA (but previously scheduled via wheezy-pu).
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-23 15:45:59 UTC (rev 39845)
+++ data/CVE/list 2016-02-23 16:17:09 UTC (rev 39846)
@@ -22896,6 +22896,7 @@
RESERVED
- libssh 0.6.3-4.2 (bug #784404)
[jessie] - libssh 0.6.3-4+deb8u1
+ [wheezy] - libssh 0.5.4-1+deb7u3
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
CVE-2015-3145 (The sanitize_cookie_path function in cURL and libcurl 7.31.0 through ...)
@@ -36969,6 +36970,7 @@
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86?id=41bdc78544b8a93a9c6814b8bbbfef966272abbe
CVE-2014-8132 (Double free vulnerability in the ssh_packet_kexinit function in kex.c ...)
- libssh 0.6.3-4 (bug #773577)
+ [wheezy] - libssh 0.5.4-1+deb7u3
[squeeze] - libssh <not-affected> (Issue only present in versions > 0.5.1, squeeze has 0.4.5)
NOTE: http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/
NOTE: Upstream patch: http://git.libssh.org/projects/libssh.git/commit/?id=c2aed4ca78030d9014a890cb4370e6dc8264823f
More information about the Secure-testing-commits
mailing list