[Secure-testing-commits] r40360 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Mar 14 06:09:10 UTC 2016
Author: carnil
Date: 2016-03-14 06:09:10 +0000 (Mon, 14 Mar 2016)
New Revision: 40360
Modified:
data/CVE/list
Log:
Add upstream announce reference for CVE-2016-1908
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-03-14 05:58:08 UTC (rev 40359)
+++ data/CVE/list 2016-03-14 06:09:10 UTC (rev 40360)
@@ -4321,6 +4321,7 @@
NOTE: Red Hat Bugzilla entry: https://bugzilla.redhat.com/show_bug.cgi?id=1298741
NOTE: vulnerability is partly due to /etc/X11/Xsession.d/35x11-common_xhost-local introduced in x11-common in 1:7.6+9 (wheezy and up)
NOTE: https://lists.debian.org/debian-lts/2016/01/msg00029.html
+ NOTE: Upstream announce: http://www.openssh.com/txt/release-7.2
CVE-2016-1907 (The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 ...)
- openssh 1:7.1p2-1
[jessie] - openssh <not-affected> (Vulnerable code not present; Introduced in OpenSSH 6.8)
More information about the Secure-testing-commits
mailing list