[Secure-testing-commits] r45538 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Oct 24 06:53:30 UTC 2016
Author: carnil
Date: 2016-10-24 06:53:29 +0000 (Mon, 24 Oct 2016)
New Revision: 45538
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2016-8858
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-24 06:53:10 UTC (rev 45537)
+++ data/CVE/list 2016-10-24 06:53:29 UTC (rev 45538)
@@ -53,8 +53,8 @@
- musl <unfixed>
NOTE: http://www.openwall.com/lists/oss-security/2016/10/19/1
NOTE: Also check lib/tre-match-parallel.c
-CVE-2016-8858
- - openssh <unfixed>
+CVE-2016-8858 [Memory exhaustion due to unregistered KEXINIT handler after receiving message]
+ - openssh <unfixed> (bug #841884)
[jessie] - openssh <no-dsa> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)
NOTE: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup
More information about the Secure-testing-commits
mailing list