[Secure-testing-commits] r40191 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Mar 6 16:25:09 UTC 2016
Author: carnil
Date: 2016-03-06 16:25:09 +0000 (Sun, 06 Mar 2016)
New Revision: 40191
Modified:
data/CVE/list
Log:
Add CVE-2016-2563/putty
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-06 16:06:00 UTC (rev 40190)
+++ data/CVE/list 2016-03-06 16:25:09 UTC (rev 40191)
@@ -691,8 +691,12 @@
RESERVED
CVE-2016-2564
RESERVED
-CVE-2016-2563
+CVE-2016-2563 [old-style scp downloads may allow remote code execution]
RESERVED
+ - putty <unfixed>
+ NOTE: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html
+ NOTE: http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=bc6c15ab5f636e05b7e91883f0031a7e06117947
+ TODO: check
CVE-2016-2562 (The checkHTTP function in libraries/Config.class.php in phpMyAdmin ...)
- phpmyadmin 4:4.5.5.1-1 (unimportant)
[wheezy] - phpmyadmin <not-affected>
More information about the Secure-testing-commits
mailing list