[Secure-testing-commits] r38955 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jan 15 21:03:36 UTC 2016


Author: carnil
Date: 2016-01-15 21:03:36 +0000 (Fri, 15 Jan 2016)
New Revision: 38955

Modified:
   data/CVE/list
Log:
Update information for CVE-2016-1907/openssh

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-01-15 18:56:58 UTC (rev 38954)
+++ data/CVE/list	2016-01-15 21:03:36 UTC (rev 38955)
@@ -398,8 +398,11 @@
 	TODO: check
 CVE-2016-1907 [Fix an out of-bound read access in the packet handling code]
 	- openssh 1:7.1p2-1
+	[jessie] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
+	[wheezy] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
 	[squeeze] - openssh <not-affected> (Issue introduced in OpenSSH 6.8)
-	NOTE: https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0
+	NOTE: Fixed by: https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0
+	NOTE: Introduced by: https://anongit.mindrot.org/openssh.git/commit/packet.c?id=091c302829210c41e7f57c3f094c7b9c054306f0 (V_6_8_P1)
 CVE-2016-1898
 	RESERVED
 	- ffmpeg <unfixed>




More information about the Secure-testing-commits mailing list